Remove Forum link from Sitelink Web

Ron

How do we eliminate the forum option? We do not want employees at our facilities opening web browsers on our office computers.

teesee150

You should be using the Group Policy editor in Windows to prevent them from opening web browsers if you're that concerned with it.

Sue_C

Hi Ron, thanks for your input on StorageForum!

While we understand your concern about goofing off at work, and it's true there are some off-topic categories on the forum, we designed StorageForum to be a valuable source of information for owners and managers. You'll find that most discussions relate specifically to SiteLink software or to the self-storage industry as a whole.

We hope that you and your employees find this information educational and thought-provoking, ultimately helping your business grow by learning from the greater community of SiteLink users.

Thanks again for your sharing your thoughts.

AZStorageGuy

I for one am glad to see this community forum added to Sitelink.  To me, discussion forums are a huge bonus and a great way to "crowd source" the knowledge base for any area of specialization, storage-related or not. 

There are a lot of smart folks out there in self-storage-land!

AZStorageGuy

Also, our company gives each facility manager a Computer Use Policy that makes it real clear in no uncertain terms--personal use of the office computer is forbidden.  It is for official and business purposes only.  Violation of this policy is grounds for termination.  Every employee must sign off on this.

Beyond that it boils down to this: you either trust your managers. . . or you don't.

Ron

Sue_Community_Mgr said:

Hi Ron, thanks for your input on StorageForum!

While we understand your concern about goofing off at work, and it's true there are some off-topic categories on the forum, we designed StorageForum to be a valuable source of information for owners and managers. You'll find that most discussions relate specifically to SiteLink software or to the self-storage industry as a whole.

We hope that you and your employees find this information educational and thought-provoking, ultimately helping your business grow by learning from the greater community of SiteLink users.

Thanks again for your sharing your thoughts.

So you will not have an option to remove the links?
We have a isolated network option for our employees to use on their time and here you are providing an opportunity for the download of viruses, ransomware or others.

Like Az guy says, we will have to make a policy, click the link and you are un-employed.

This is in a sense ransomware, we have no options, except to change software. 

Ron

AZStorageGuy said:

....

There are a lot of smart folks out there in self-storage-land!

And a lot of not so smart folks too. Ones who deal with issues using what they think is "common sense" instead of the statutes. Look at some of the response to legal questions on other forums...

Drew

I like the idea and will definitely participate but agree with Ron here.

If there was an option for a district manager or someone higher up to have access to turn the feature on or off, that would be great!

AZStorageGuy

Anything connected to the Internet has the potential for being hacked, infected, etc.  Protection is a never-ending quest.  It goes with the territory like breathing the air.

The benefits outweigh the risks.

Ron

teesee150 said:

You should be using the Group Policy editor in Windows to prevent them from opening web browsers if you're that concerned with it.

Thanks, I did look into that, however we do still need the browser for the Virtual Terminal from our credit card processor. Until we can switch software, I might look at Firefox, I think you used to be able lock it to one website. 

Crazy, to be so concerned with security on their web edition, (stand alone is always vulnerable), then to do this... 

Ron

AZStorageGuy said:

...

The benefits outweigh the risks.

That is your assessment, for other facilities, it is not worth the risk. I am not worried about the sitelink data, however I know the gate data that sitelink shares with the gate program is not encrypted and with the fine upwards of $3000 per tenant if the data is breached, definitely a concern.

My problem is, we are not given an option, SMD made the risk-benefit analysis for everyone.

opss

I am so glad to see a form for sitelink. It is a wonderful addition and will be a help to my staff and myself

Howard

Ron

My issue is not with the forum, it is a good thing. However I do not want the forum accessed from our workstations. We have at times 4 part time employees working at our locations. They do not need to be on here. I can give the website address to our managers.

MegumiM

I don't think it needs to be taken off. Maybe just add it to the security level settings so we can set it to only certain employees can access it.

Ron

MegumiM said:

I don't think it needs to be taken off. Maybe just add it to the security level settings so we can set it to only certain employees can access it.

That would be great, the reason they added to the main screen is because this forum had been up for a while but it was very quiet.

I did find a way to block it, however it does block it for everyone.


In the C:\Windows\system32\drivers\etc\hosts  file you add the text :
:
127.0.0.1 storageforum.sitelink.com


(you do need to be in admin mode to save on the file, the first computer I just saved it to another directory then moved it over)

That will just load an error page, then the home button loads the virtual terminal.

I will do this to both our local facilities until they put a security level setting.

AZStorageGuy

Ron, don't you think it would be helpful for your part-timers as well as your full-timers to have access to the forums?  It might give them insights they wouldn't otherwise get.  Just wondering.

Ron

AZStorageGuy said:

Ron, don't you think it would be helpful for your part-timers as well as your full-timers to have access to the forums?  It might give them insights they wouldn't otherwise get.  Just wondering.

Seriously, no. I do not want full timers on forums either. We tried that before with the ISS forum and it was a disaster. A lot of advise given is not relevant for our state or not the legal way of doing things. If I find something worthwhile I will share it our facilities and we can discuss it as a group.

If I have an employee that is on a management track, I like them to be on the forums so we can discuss why things are done differently or the post was a great idea. Most of the time when somebody asks a question on a forum the normal response is "well here we do it this way", which is no help at all.

From the emails I get from the state lien law site, (which was recently re-activated), a lot a facilities have no clue about their statutes, it is just the way it has always been done.

Another risk is links posted in some of the post. I posted some earlier from one of the largest auction companies in California, but their websites are so infected, I am sure not everyone has really good virus protection, so I removed them.

Our workstations are not for internet, we have another computer for that. But since we were not given a choice, we have it blocked and we will start to test drive Domico


If you have stand alone, you seriously should not getting on the internet with you sitelink computer.

David_McCormack

Not directed at Ron or his concerns, but closely related to this thread.

Regarding the other browser based service now linked from the SiteLink Web Edition Windows client (MyHub.sitelink.com)

Check out the information page if you are not familiar with MyHub:

https://www.sitelink.com/products/web-edition/sitelink-myhub

I want it to be known that the same security access, and permissions that apply in the windows client also apply to MyHub.  In other words: if an employee is set up so they can not see/or do things (such as: change settings, view full Credit Card numbers, delete move-ins etc) in Web Edition at the store, that same limitation applies to MyHub. In reality, there are fewer settings/options/views that can be seen/changed in MyHub than in the Windows Client.  

With that said, I know there are customers out there, who have not reviewed their security settings in SiteLink recently.  I urge all area managers, owners and SiteLink administrators to review this YouTube video, and then their security settings in SiteLink (it's only a few minutes long).

https://www.youtube.com/watch?v=zpaKmVitFSU

AZStorageGuy

A good take-away, then, (and a possible solution for some if not all) would be for self-storage employers to have an Acceptable Forum Use policy for their managers to agree to and follow. 

Lay out the ground rules and put everyone on notice: this is ok, this is not.

Rule #1.  The forums are NOT for general chit-chat!  They are for sharing accurate, truthful, helpful information with our colleagues to help us all do our jobs better using the tools in Sitelink and to better serve our clients.

Ron

opss said:

I am so glad to see a form for sitelink. It is a wonderful addition and will be a help to my staff and myself

Howard

Just curious, how much staff do you carry for a facility smaller than 250 units? One of our sites is twice that and we have 1 employee. Our north Stockton facility is just over 500 units and we have 4 employees there. 1 full, 3 part time.

Drew

Again, agree with Ron here.

My employees sign a policy waiver (acknowledgement of use of computers and internet included) along with signing the last page of my training and procedures manual that it was read thoroughly and understood. They do things how I want them done, not how someone else does them. If they have an issue with Sitelink they call me or tech support - not that difficult.

I take great pride in getting feedback from the assistants, managers, customers, owners - everyone, to dial in the process better. This might be a good resource for me but not the store employees. A simple on/off switch in corporate control should not be that hard to implement.

AZStorageGuy

I see both Drew and Ron's point. (even as a full-time employee/manager)  There may be a situation where an employer doesn't want the forums readily accessible to any and all Sitelink users.  Some kind of on-off switch or filter of some kind under Corporate Control wouldn't be a bad idea in that case.

awallis

I like the idea of the forum, but really think that the access to this should be a security level item.
Only managers/owners need full access or any user we want to delegate this access too.
Please fix this quickly 

Luke_Lenzen

Thanks to everyone for their valuable feedback thus far. We did the full launch of the StorageForum just yesterday and the usage and feedback from customers has been excellent. We designed StorageForum to be a valuable source of information for all SiteLink users. The SiteLink User's Conferences have always been a huge success, in part due to customer collaboration. Customers continue to ask for additional ways to learn about SiteLink's features and to collaborate with other operators in the industry - StorageForum is the result of this feedback. 

There were a few items mentioned above that I wanted to clarify. 

"SiteLink provides unencrypted data to the gate system"

Yes this part is correct. I am not aware of a widely used and supported gate system in our industry that accepts encrypted data.  Most gate systems accept the following information: Unit Name, Tenant Name, Tenant Phone Number, Gate Code, Gate Time Zone, and Lock Status. This information does NOT include highly sensitive information like Credit Card Data, SSN, etc. which is always fully encrypted.

"The StorageForum can be a security threat"

The StorageForum platform is built upon Vanilla Forums, one of the highest rated cloud infrastructures dedicated to forum development. The Vanilla Forums architecture is similar to the PCI Level 1 Certified SiteLink Infrastructure and has security built-in from the ground up. I have attached a brief security overview for Vanilla Forums which describes some of their publicly disclosed security measures and certifications. In addition to the Vanilla Forums security and malware protection, the SiteLink Support Team also monitors for any malicious posts. 

Thank you for the feedback and robust discussion on this topic. We will assess the recommendation for an option to hide the community link in SiteLink Web Edition.

Ron

The forum did allow a link to a California Auction company who's sites are block by trend micro for having malicious software (denos communications California Storage Auctions). The forum is protected, but not those who click on the links.  It is a pretty easy question, yes you will add the security measures, or you won't. Please do not just fluff this off. 
And in California, it is considered a data breach if only the name and id number is compromised Ca civ code 1798. If more than 500 tenants are compromised, the attorney general must be notified.

Ron

This is why we never allowed internet access from any computer that was on site like stand alone, it is an unencrypted .mdb file that can be read with notepad

PhilR

An option in the security level settings to either enable or disable the forum button would be a great idea. That way you can allow some people to access these forums and block others that don't need to be on here. 

Luke_Lenzen

We have taken all of the customer feedback and discussed this internally and we plan to implement the ability to hide the StorageForum buttons in SiteLink Web Edition based on the Employee's Security Level.  There will be a new option under Program Defaults, similar to the way the security limitations on Credits work, where you will be able to pick the lowest Employee Security Level where the buttons to the StorageForum appear.  Thanks to everyone for their feedback.

Drew

Thank you Luke! Any time frame on the update?

Ron

Thanks

Luke_Lenzen

It is a top priority for us and we hope to have the new setting available in a silent release by the end of next week (most likely sooner).  I will post another comment here when it has been released so you can force a live update to get the changes.

Drew

Luke said:

It is a top priority for us and we hope to have the new setting available in a silent release by the end of next week (most likely sooner).  I will post another comment here when it has been released so you can force a live update to get the changes.

Luke_Lenzen

We have released a new configuration that will allow you to hide the StorageForum buttons in SiteLink Web Edition based on security level.  Under Setup->Program Defaults you can specify the minimum security level required for the buttons to appear in SiteLink.  To get this change you need to force a live update.

Wendy

It seems to me that this could be an area that Managers/Owners can "lock out" employee access.  Even as a site manager there are functions I am locked out of in SL - (like editing merchandise, passwords, etc -- my business manager and owner have access )  Why would this be so hard  (SL) to execute this section in this manner..?

PhilR

@Luke_Lenzen Thanks for that. 

AZStorageGuy

Henceforth, we can call this the @Ron option.

PhilR

AZStorageGuy said:

Henceforth, we can call this the @Ron option.

HAHA

Ron

AZStorageGuy said:

Henceforth, we can call this the @Ron option.

Lol, when I get back from holiday in Arizona, I will do the update. 

Sue_C

Let us know if it works out for you @Ron! Has anyone else implemented the security level change?

Ron

I will be back in town next week. I will do the update then. For now it is blocked by the edited host file

Climateguard

Nice feature, works well.

Ron

I did the update and modified the program settings. I then commented out the 127.0.0.1 storageforum.sitelink.com with a # in the host file.  It is working for the area managers, and I will test it out on the part timers soon.

Sue_C

Glad it's working so far @Ron!

Adrienne_Danyel

Ron said:

opss said:

I am so glad to see a form for sitelink. It is a wonderful addition and will be a help to my staff and myself

Howard

Just curious, how much staff do you carry for a facility smaller than 250 units? One of our sites is twice that and we have 1 employee. Our north Stockton facility is just over 500 units and we have 4 employees there. 1 full, 3 part time.

We have 613 units with 1 property manager, 1 assistant manager & 1 relief manager whom covers our days off & vacation time. We have a total of 32 location & just bought another 4. Which most are only ran by 1 property manager & a relief manager. Question I have is why did you ask Howard that questions? 

Adrienne_Danyel

Sue_Community said:

Let us know if it works out for you @Ron! Has anyone else implemented the security level change?

No Sue. Our company fully trust their employee's. And the storage forum is very useful because of the time difference when having to call sitelink. We utilize the forum often. 

Storagelife

As a storage manager I love the forum. There is so much great information that is very helpful. I do understand your concerns. But you should trust the one that holds your investment in their hands. 

JulieA

We also avoid using the internet on our main desktop computer.  Too much risk. 

Ron

Adrienne_Danyel said:

Ron said:

opss said:

I am so glad to see a form for sitelink. It is a wonderful addition and will be a help to my staff and myself

Howard

Just curious, how much staff do you carry for a facility smaller than 250 units? One of our sites is twice that and we have 1 employee. Our north Stockton facility is just over 500 units and we have 4 employees there. 1 full, 3 part time.

We have 613 units with 1 property manager, 1 assistant manager & 1 relief manager whom covers our days off & vacation time. We have a total of 32 location & just bought another 4. Which most are only ran by 1 property manager & a relief manager. Question I have is why did you ask Howard that questions? 

Just curious, looking at staffing options. At our Stockton offices, we always have 2 people in the office and during lunch and breaks when there is 1, we lock the doors and screen who comes in. Our facilities are not in economically prosperous neighborhoods. Our Nevada location, different story

urbansecurityguards

Thanks for this post. It proves very informative for me. Great post to read.

 

If you are looking for the top security companies in London that provide its customer with remarkable security services. Check out this site for security services and top security guard companies