Manage Learn to apply best practices and optimize your operations.

Can content management tools customize access request forms?

Still using a paper system for access requests? In this SearchSecurity.com Q&A, identity management and access control expert Joel Dubin explains which content management tools can customize your Web-based forms.

I work for a bank, and we currently use a paper system for access requests. Do you know of a form product with a back-end database? Or do you have any other ideas?
What you're basically looking for is a Web-based application for users requesting system access. This can be handled by any software or application that builds forms.

Such products can produce customized forms for any purpose, including access management requests. These are the tools' sole function, and they don't come with a database. Once the form is built, however, the products can be set up to dump the requests into a database or drop them in an email box for your access management staff.

Any content management tool, such as Teamsite or Lotus Notes and Domino, should have development kits for creating customized forms. There are a number of other smaller players in the market as well, such as Absolute Form Processor from XIGLA and Form1 Builder from ezyForm.

Another possibility, if you have the development staff on hand, is to simply develop a Web-based application in-house. The application could be written in any widely used language -- Java, .NET, PHP or Python -- and would consist of a front-end form in HTML that sends request data to either an email box or a back end data store, where your access management staff could retrieve it later.

Development of Web-based forms with back-end databases is bread and butter work for most Web developers.

The only other thing to keep in mind when deploying such a system is to make sure it securely transmits access requests over SSL, even inside the company. It's also important that ordinary users have access only to their own data and not the requests of the whole company. Along these lines, Web, application and database servers supporting such a project should be hardened, patched and up-to-date.

More information:

  • Handle application and data access requests with more efficiency.
  • Learn the common components of any access management strategy.
  • This was last published in March 2007

    Dig Deeper on Web authentication and access control

    Start the conversation

    Send me notifications when other members comment.

    Please create a username to comment.