[« back to the main step to success outline]
2 - Logins, Passwords & Permissions
2.1 - Main Website Features
2.2 - Username & Password
2.3 - Creating An Adilas Bookmark or Favorite
2.4 - User Permissions

2 - Logins, Passwords & Permissions
2.1 - Main Website Features   The main web address for adilas is: www.adilas.biz

The main web address for training is: www.adilasuniversity.biz

The main adilas website is a great launching point for all of your business needs. The page contains a secure login page with links to newly developed and released tools and functions. As new tools are developed, new help files and videos are created and added as needed. This is an ongoing and dynamic process. Check back often for updates and new changes! Yee Haw!

The main adilas site has two primary functions. One is an open, non secured area that has flyers, permission lists, free web tools, marketing information, and basic site stats. The open portion of the site is around 20+ pages in size. Anybody with an Internet connection may view and use those pages. These pages are open to the general public and are not tied to the actual adilas databases. If your fiends or business associates need information about adilas, the main adilas website is a great place to start.

The other portion of adilas is all contained behind closed doors (secure) and requires a valid login and specific user permissions to view, use, and play with the main adilas tools and features. In other words, this is the engine underneath the hood... The secure portion of the site is well over 1,000+ pages in size. The secure portion has a number of different names. All of the names mean or point to the same secure portion of the site. We call this portion of the site "the secure data driven pages" or "the actual business platform" or "the application" or "the system". All of these words point to or refer to the secure portion of the adilas site. Once again, kinda the engine or power of the site...

The secured portion is based on a template-type system. Each page is coded and programmed to perform certain tasks and/or functions. Depending on the data passed to the pages, the pages will respond as programmed. For example, in general terms... a single page that is setup to display an invoice will be used to show invoices for all corporations and all invoice numbers within those corporations. This way we code once and use many... :).

Each template is setup to check permissions, settings, look and feel (logo and colors), and actual content. Strict rules are defined so that data from one corporation may not be used or even seen by persons outside of the corporation specific "playgrounds". Think of fenced off playgrounds, sandboxes, or pools where each company is able to record and setup their own business environment without any outside interference. This is called a "semi-shared environment". The shared pieces are the page code and page templates. The un-shared pieces are the specific data that feeds the pages. The data is owned and controlled by each business entity. Adilas uses the saying "Your data, you cache & retrieve it, we secure it". In a way, all adilas really is - is a virtual data portal of sorts.

If you would like to see the pages and tools that are behind the closed doors, you are welcome to contact us for a dummy or play site login. All of the play sites use the actual main application but the data is not specific to a real business. They, the play sites, are what they sound like... a virtual playground or a practice site. These are great places to learn, experiment, or try new techniques or concepts. We welcome inquiries... support@adilas.biz

The main adilas.biz site is also used to help login users to their accounts, corporations, and business data. Once a user logs in, the adilas system will start tracking all of their actions and/or histories. If a user has the correct permissions (checked on every page) they may browser any data within their corporation or company (once again, assuming correct permissions). If they, as a user, make any changes, additions, updates, or modifications, those actions are tracked in the history portion of the application. This happens automatically behind the scenes. Surprisingly enough, once users realize that their actions are being tracked and recorded, it really helps users do a good or better job. They begin to take some responsibility for their work. In a virtual world, they are somewhat "signing" their signature by the system recording their actions as they happen.

A lot of users want to know what to know basic information about how adilas works and what type of security and/or technology we use. This is a scaled down version of the answers to those questions (it can get kinda deep and techy), but we hope it will give you enough knowledge to feel comfortable with what is going on.

Adilas is a web-based application. The entire application rides on top of multiple web servers. Without getting super technical, there are three (3) different types of servers that are used on every page connection. Modern technology allows these connections to take place at lightning fast speeds. Most people don't even know that multiple servers are even needed or being used. To a basic user, they request or ask for something, and the server responds. In the background, there is a basic web server (capable of speaking the web language), the application server or brain (used for crunching data and talking to databases), and the actual database servers (where the actual data is stored). All three (3) of these servers pass data back and forth according to the transaction or request at hand. Each server only does what it knows best and then responds once all actions have taken place.

We use Adobe ColdFusion 10 servers for our application servers (the brains or server-side scripting servers) and MySQL database servers for the database connections and query functions. Both of these technologies are very stable and used all over the web. Each page request checks for a valid login, does a three-way (3) look-up of the user to corporation and the user to the permission(s) required per page. This three-way look-up (3) is done on every single page. If a mismatch is found, the page will abort or stop processing and will send back an error message.

Once a page is requested or sent to the server, the page goes through a thing called "server-side validation". This is a process of checking for correct data, required fields, required values, and a general integrity check of the data. If the data doesn't pass the validation, the server will generate an error message and will wait for the user to resend or try the page again. Remember, you are virtually playing catch with the servers (like baseball or football). If the data is correct, the page will continue to process and record actions as designed. Once it is done, a success message or other valid response will be sent back to the user. If something is wrong or incorrect with the transaction, the server will respond with a human readable error message and help you know what is wrong or what is needed. We, at adilas, have really tried hard to make any success and error messages very readable and speak to you in plain English. For example: You might get a message like this... Choose a location from the list provided. The message is very simple, very easy to read, small and concise, and no random numeric error codes to look-up or worry about... We like it that way... :)

Another common question we get deals with security. We have a number of pieces in place to ensure the integrity of your data and the overall security of the adilas.biz business platform. We use the same technologies and security levels as online banking. From a developer's point of view (the person who makes websites and webpages), adilas has almost 75% of their actual page code that deals with error handling and validation. We take security very seriously.

Each transaction is passed over a secure connection called a "secure socket layer (ssl or https)". This socket layer encrypts data back and forth between the user (client) and the servers. We have a "3 Strikes - You're Out!" policy on failed login attempts. This helps prevent unwanted hack attempts. We use "server-side validation" on all forms and URL variables that are passed to the different servers. We have a special validation routine that checks all submitted data for a thing called "cross-site scripting or XSS". Cross-site scripting is a hacker technique where they use your own website to submit bits of code to the server. Most people only submit to the server what they want to store or what they want to use. However, a hacker may submit a potentially bad program or potentially bad bits of code to the server. Their goal is to gain access or trick the server into giving away important information. Basically, they scan and look for holes or weakness and then try to exploit those weaknesses. We are very aware of this and have taken the precautions to prevent unauthorized access.

One thing we do allow is data exports to Microsoft Excel. This is built into the system. This may not fit in the security portion of this section, but think about this... If we give you the permission to access your data and you are able to pull reports as needed, you become empowered and are able to control your own backups and storage of the data. Once again, it is your data, we just help hold and help you organize it. Having access and control over you own data allows you to sleep at night or at least be at peace with regards to your data. The whole server could blow up, and you would still have your own copy or back-up file of your data. That's good stuff!

All of our servers are commercially hosted by a third party. These third party entities have secure bio entrance data centers, surveillance, and tons of different levels of access to their facilities. We ping (check) our servers every two minutes (2) around the clock to make sure that the servers are responding. If not, we have back-up plans in place to ensure maximum up time. The data centers are state-of-the-art with power back-ups, generators, daily back-ups, built-in redundancy, tons of bandwidth, huge storage capacity, hot/cold rows, climate controls, etc. You name it, they have got it. They, the commercial hosting companies, also have 24/7 tech support personnel, they do daily backups, off-site storage, and have provided over a decade of service to our company and tons of other companies. That's what they do and we think that they are quite good at it! To give you an idea of what kind of hosting companies we use, we welcome you to visit their website and view for yourselves what services they provide. We contract with them to keep your data safe. One of our favorite hosting companies is called Newtek - The Small Business Authority - Web Services Division. We have a number of dedicated boxes (servers) through this hosting company.

The security list doesn't stop there, we have our own off-site storage, weekly back-ups of code and application files, and tons more. We web service inventory data to remote servers, we have revolving passwords for high profile pages, there are booby-traps, trap doors, auto lockouts, hidden histories, user logs, usage reports, etc. Our goal is not to scare you, but more to inform you that we know we are playing in a cyber world (cloud computing and data storage). We encrypt any data that we feel is a potential target (license numbers, social security numbers, birth dates, account numbers, passwords, usernames, etc.). We encode and decode values on the fly as we see fit. We play the game. You have to remember, we've been at this for over a decade (since 2001) and have a vested interest in your safety and your data's safety. Did you know that adilas uses the adilas business platform for all of their business and data storage? True story. Our goal is to allow you to run your business as worry free as possible!

Anyways, to wrap up this section... We have the tools, the code, the experience, the security, and the processes in place. You have the people, the data, and the need. Together, we become a team working at running your business and keeping you happy in a safe and fun way. Choose adilas.biz and WIN!
 
Most of the main adilas engine is contained behind closed doors. A valid login is required to use the tools, functions, and features.
2.2 - Username & Password   Usernames and passwords are common pieces of the web. This is how you get access to the system. Most sites have tons of security built-in to the sites. Lots of the security deals with permissions, validation, and making sure that data and flow are correct. Having said that, most sites are only as strong as the individual usernames and passwords. These values are like keys that opens up virtual doors. Guard them well and even change them from time to time (that's a good practice).

There are two different login pages for the main adilas application. One is right from the main adilas.biz homepage and the other is one step deeper and is called the secure login page. Both login pages do the exact same thing. The main difference is the look of the page and the page title. Technically, the secure login page is already in the https or secure protocol mode (you'll see the lock icon in your browser). Both pages submit the username and password over the same secure socket layer (ssl or https protocol). The result is the exact same even though one of the logins has the word secure and the other one doesn't. Without getting super technical, the main security issue is: where is the page going? Not, where is the page currently at? Long story short, use either one... :)

[main adilas.biz homepage with login]
[standalone secure login page] (both pages do the exact same thing)

Inside of adilas, there is a page called "password and profile" (under a section called system basics) that allows you to interact and change your personal settings. Your username and password are considered personal settings.

The username must be unique. You may use letters, numbers, and/or symbols (special characters). It has a max of 50 characters and a minimum of 4 characters. All values are encrypted for storage in the database. Please note that all usernames are case sensitive.

The passwords are also case sensitive and may contain letters, numbers, and/or special characters. A safe password is one that has both numeric, alpha (letters), and special characters. Sometimes people even mix upper and lower case letters for more protection. Please don't use simple words, phrases, or names of children or pets. Passwords have a max of 25 characters and a minimum of 4 characters. When editing your password and profile, the actual password field is left blank. That is ok and only needs to be entered if you are actually changing your password. All values are encrypted for database storage. Once again, remember passwords are case sensitive.

If you forget your username and/or password, there is a section that allows you to enter your email address and the system will look-up your settings. Your username and password will then be sent to you via email. Here is the link for the forgot password section.

Special Login Note: If for some reason, you get locked out of the system (more than three failed login attempts), type the following web address into your browser. Make sure that the login reset address is entered on the computer that got locked out. After you type the address (or copy and paste it), make sure to submit the page by hitting your enter key. To access the login reset page type:

https://data6.adilas.biz/top_secret/login_reset.cfm

The login reset address above is a force logout of the system. It will reset all values and variables and will allow three (3) new attempts on the login (username and password). We recommend that you write that special address down and keep it in a desk or drawer in case you need it. Not trying to be funny, but the number one tech support issue we face with adilas is users who exceed their three login attempts and get locked out of the system. The little address above is the only way back in... :)
 
Your username and password are your keys to the adilas.biz business platform application.
2.3 - Creating An Adilas
Bookmark or Favorite
  This is not required but it has helped some users feel like they could access the system quicker. A bookmark or favorite is a pre-programmed link right to a specific website. Basically, you get to the site or page and then tell the browser to remember the address. You then get to name it, organize it, and then use it over and over again. The goal is to speed up access and lessen the amount of typing that is needed.

Another option, beside a bookmark or favorite, is called a shortcut. The bookmarks and favorites exist only once a browser is open. However, a shortcut may be created and placed right on your desktop (main opening computer screen). Here are the basic steps (once again, this is not required, but may help):

  1. Open your browser and go to https://data6.adilas.biz/.
  2. Once there, decide if you want a favorite (bookmark with in the browser) or a shortcut (to the same place from outside the browser).
  3. If you decide a favorite, click the button (each browser is slightly different), name it, and you're done. You should be able to use that favorite over and over again. Once again, the favorite is only accessible from within the browser.
  4. If you decide you want a shortcut (a standalone entry point). Look for the File menu and then the Send command. Choose Send/Shortcut to Desktop. This will create a shortcut on the desktop with the correct web address as the pointer or destination.
  5. Navigate back to the desktop so that you can see the new shortcut. That is it for creating a shortcut. You could then use that new icon or shortcut over and over again.
If you want to get fancy... We do have a special icon that you can use for your new shortcut. This is kinda extra... Click on this icon link and save it to your local hard drive. Do this by right clicking on the icon once it comes up and choosing a save option (make sure and remember where you saved it). Once you have it saved, go back to the main desktop and right click on the new shortcut. When the right click menu comes up, choose change the properties of the new shortcut. There will be a small button that says something like "Change Icon...". Click that button and then point the shortcut to the newly saved adilas.biz icon. Change the verbage to what you want and you should be good to go!
 
Use the instructions provided to create a shortcut to adilas.biz right from your desktop.
2.3 - User Permissions   Permissions and settings are some of the major building blocks of the adilas application. Adilas permissions are called "user permissions" because they are assigned to individual users. A user in the system is the biggest and most powerful entity. They reign supreme. Each company or corporation may have multiple users. A single user may be bridged (allowed access) to multiple corporations (thus making them bigger than corporations). The different settings (the other piece of the puzzle) will be covered in a later section, but the two of them, permissions and settings, make adilas what it is today... :)

Inside of adilas, there are over 100+ permissions with more in the works and more on the way. The permissions inside of adilas are constantly changing and morphing into new options for users. This is not meant to scare you, this is more of an informational statement that the application is constantly growing and changing. A little bit of history... We started out with about 5 or 6 permissions. Within the first six months, we had to split those 5 permissions into about 20 pieces to get the flexibility that we needed. The current system has grown from there. If you like history and haven't read the adilas start up history document, it is a good read with lots of information about the growth process.

Anyways, the user permissions are used inside of adilas to gain or deny access to functions, pages, and entire sections within the adilas business platform. Many of the permissions are what we call gateway permissions. This means that once a single permission is assigned, it allows the user access to all of the pieces within that section. Every page within the system checks for at least one permission. Certain pages within the system check for more than 20+ permissions at a time. All of the code and system pages are setup to respond depending on what permissions are assigned or not assigned. If a higher permission is present (meaning assigned), you may get special tools and features that would be hidden to a lower user permission. The entire application is very dynamic and purposely built with multiple different layers. The different layers help your company control access to more advanced or admin-type features.

Permissions may be turned on/off at any time. Each page will check for the correct three-way (3) connection on every page request. The three-way (3) connection is between a user and a corporation and a user and the permissions assigned within that corporation. It is totally possible, if a user has more than one corporation, to be assigned a certain permission in one corporation and to not have that same permission in the other corporation. Each corporation gets to dictate what permissions are assigned or not assigned. Remember, users are greater than corporations because they are able to play in more than one corporation as needed. This allows the user's "roll" or "job functions" to be dynamic per corporation.

If a permission is not assigned to a specific user, the system will try to hide those options. This allows us to change the page layout and options depending on permissions. So a salesperson could be looking at the same piece of data as an administrator, but the administrator may have more options or tools available. This helps the application be flexible and virtually contains the user within thier assignments or job tasks.

On a technical note, the adilas system uses a thing called "roll call accounting" or "business data mapping" to interact with the objects and/or data over time. The user permissions are a major factor in this flow of the data. Each step of the way, the rules are defined. The data needs to be entered, verified or approved, and then passed on to the next step or stage. Depending on permissions, the application is setup to only allow access to certain steps or options (organized flow). The permissions allow us to virtually put up road blocks or gates so that only persons with the correct permissions are able to advanced the ball to the next stage. This is a key concept inside of the adilas system.

Below is a link to all of the current adilas permissions. These permissions do change from time to time as the application is in a constant state of change. If you are a user and have a need for a new permission (or just have an idea), we welcome the inquiries. support@adilas.biz

[view all current permissions]
 
The whole foundation of adilas is built on a network of permissions and settings.