In order to use Theatre Manager, each Employee must log in.
For PCI compliance, each employee must have their own individual Employee login and password. This means that no two users can 'share' a user account, such as 'Box Office Volunteer' or 'Marketing.' All transactions that take place within Theatre Manager are tagged to the Employee who processed the data. If generic employees are used, then tracking audit issues will be impossible.
There should be one (and only one) Master User in a database.
The Master User is not a specific person, but rather an 'Administrator' much like on Windows or Mac. This 'Administrator' does not do sales, run reports or mail lists or other daily operations. Instead, the Master User acts as a system technician who adjusts and edits how Theatre Manager operates. The Master User is a 'know all/see all' user, and therefore for PCI compliance, there is only ONE Master User. All other users are considered 'Normal Users' (some of whom have more privileges than others, but they all fall within the 'Normal' category).
The Master User password is generally known by only a few people within a venue.
These people will have their own login as employees, which is used for daily operation. The Master User is only used to make operational adjustments to the database such as adding new employees.
When providing Remote Assistance, AMS technicians will often require the Master User password as they will be making adjustments to the operation of Theatre Manager. |
Login passwords should be set to expire every 90 days.
For PCI compliance, all passwords must be set to expire every 90 days, and will be required to be reset by the user. You will receive a warning several days in advance of your expiration date that your password will need to be changed. The expiration and other password parameters are controlled on the PCI Security tab of Setup >> System Preferences.
The Log In window provides valuable information about the database.
The log in window provides information such as:
Theatre Manager will always revert to the last used database.
If you utilize a 'Training' database, take extra care to note which database you will be logging into by checking the Database Name at the bottom of the log in window. If the Training database was accessed last on this machine, then Theatre Manager will attempt to log on to the Training database. If you intend to log into the live, 'Production' database, you will need to change databases first.
The Web Listener may be set to automatically log in.
If you utilize a dedicated Web Listener (Arts Management Systems recommends one for venues just starting with web sales, and a minimum of two dedicated web listeners for venues with a higher online sales rate) the dedicated machine may be set to automatically log in to web sales.