Add Proxy Information in System Log when Login As is used - Audit Purposes
When I log in as another CSuite User and then make an update, the system log shows the action was made by the CSuite User, not by me proxied in as the CSuite user. Is there any way for you to record in the system log when an action has been completed by someone else proxied in as the user? We feel this is critical for audit purposes.
-
Michael Wiley
commented
I also added this comment to the other suggestion that included a View Only access. Having an audit trail that an action was taken by someone proxying in as someone else appears to be critical for a variety of control functions. As the system currently functions, anyone with the permission to log in as someone else can log in as other Users (at least those who are not in the Admin group) and perform functions that might be outside of their security group. For example, our Philanthropy team who reasonably should be able to proxy in as a donor to assist them also has the ability to log in as a member of our finance team and generate checks. Without another form of control in place to prevent that, it is absolutely critical that logs should record the actual person generating payments of any kind, especially if they have used the Login As function to impersonate another staff member.
-
Katie Hayhurst
commented
My organization has also run into this issue. If the system log was able to identify that an action was completed by someone who proxied in as the user, this would immensely help our audit purposes.
I also suggested in a separate idea lab that there would be a proxy as VIEW ONLY permission.
-
Anna Wagner
commented
Totally agree!
-
Michelle Schneider
commented
When I log in as a Fund Advisor and then make an update to the contact information or username, the system log simply shows the change was made by "system", not by someone OTHER THAN the fund advisor.
Similarly, if I log in as the fund advisor and make a grant request, the request shows that the request was made by the Fund Advisor, not by me proxied in as the Fund Advisor.
Is there any way for you to record in the system log and grant request when an action has been completed by someone else proxied in as the Fund Advisor? We feel this is critical for audit purposes.
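
The log record requested in this thread, as an added example (not part of the original posts and not CSuite code): each entry keeps the account that was acted on and, separately, the staff member who used Login As, and a view-only proxy session is refused changes. All class, function, field and user names are hypothetical.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone


@dataclass(frozen=True)
class Session:
    authenticated_user: str   # the person who actually signed in
    effective_user: str       # the account the actions run under
    view_only: bool = False   # proxy session may read but not change data

    @property
    def is_proxy(self) -> bool:
        return self.authenticated_user != self.effective_user


@dataclass
class SystemLog:
    entries: list = field(default_factory=list)

    def record(self, session: Session, action: str, target: str, allowed: bool) -> dict:
        entry = {
            "time": datetime.now(timezone.utc).isoformat(),
            "user": session.effective_user,
            # None for a direct login, otherwise the real actor behind Login As
            "proxied_by": session.authenticated_user if session.is_proxy else None,
            "action": action,
            "target": target,
            "allowed": allowed,
        }
        self.entries.append(entry)
        return entry


def login_as(log: SystemLog, staff_user: str, target_user: str, view_only: bool = False) -> Session:
    """Start a proxy session; the impersonation itself is a logged event."""
    session = Session(staff_user, target_user, view_only)
    log.record(session, "login_as", target_user, True)
    return session


def perform_update(log: SystemLog, session: Session, action: str, target: str) -> dict:
    """Log a change; refused (but still logged) in a view-only proxy session."""
    allowed = not (session.is_proxy and session.view_only)
    return log.record(session, action, target, allowed)


def proxied_actions(log: SystemLog, staff_user: str) -> list:
    """Audit query: everything staff_user did under someone else's account."""
    return [e for e in log.entries if e["proxied_by"] == staff_user]
```
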