I agree with Jake on these. 

We should have Omni affiliation and a means of contact for every person who has door access. And root access to the door control computer should be carefully controlled and logged.

In my opinion, anonymous access to the door control computer is probably the more worrisome issue. If you can at least track *who* is adding people to the access list, that would be a good start. Then we can at least reeducate those people to fill in the required information - or suspend their admin access if they keep adding unaffiliated people...


On Wed, Jan 20, 2016 at 1:57 PM, Jake <jake@spaz.org> wrote:
As one of the people with the ability to edit the Front Door Magnetic Card Access System,  I have a few questions for everyone to think about:

What are our requirements for information kept on each card?  This information is only available to people like myself with root access on the door control computer.

I was going on the assumption that, for each card able to open the door, we should store the following information:

1. the name or nym identifying the person who will be using the card
2. a way to contact that person (phone number or email)
3. at least one affiliation with a member collective (sudo, CCL, BAPS etc)

I have been seeing cards getting added to the records without #2 and #3 and I wonder if we, as Omni, thing this is a sustainable policy.

Also, I don't know how many people have access to the door control computer, and access is presently anonymous.  Is this something that should be more curated?  We have a mailing list access@lists.sudoroom.org but I never get any responses from anyone on the list.

thanks for your thoughts on this.

discuss mailing list