Raiser’s Edge, PCI Compliance and the Dreaded, Buggy Lock Screen

There were a lot of complaints when in version 7.91 (?) of The Raiser’s Edge a major new feature was PCI compliance including a lock screen. Firstly there were issues with long running processes, global changes, imports and customisations also locking up and not continuing. There were many people who said “why?”. We don’t store credit cards and have no intention of doing so. Some of the security additions were very welcome. The previous password policy (nothing larger than 8 characters, no minimum and the ability for supervisor uses to reveal the password in security) was terrible. Even the policy of forcing users to change their password after a certain time, while annoying for the user, is an industry standard and can also be turned off.

However the lock screen is my pet peeve. I am somewhat of a different type of RE user. I am not a fundraiser (despite the many LinkedIn endorsements – thank you). I am a software developer. As a software developer I care very little for PCI compliance. Most if not all of my constituents are fictional. And yet I have no opportunity to turn off the lock screen. Most organisations that are careful about security will enforce a group policy Windows lock so that after a few minutes of Windows inactivity the screensaver comes on and returns to the password screen. Again this is a sensible precaution. As a small business I have Sage accounting software which is PCI compliant. It does not lock out.

My latest issue is that RE locks, I unlock it, it opens RE only to lock again. Or it locks, I unlock it, it opens and then something locks again. RE is open but the lock screen appears in front of it. I unlock it and, because there is not actually anything to unlock, it crashes. I don’t know what is going on but this is very annoying.

Come on Blackbaud, make the lock screen optional for all users. Not just those with non-supervisor rights (or with Windows Authentication)!

 

EDIT

It has come to my attention that I am probably in a minority position here. I regularly have a development environment open with programs that are attached to RE. This may or may not be a cause of the problem. I don’t know. I know that RE crashes when I unlock it even if I don’t have external programs attached to it. I have not been told specifically of this happening to other people so it is unfair to say that it is buggy. (By all means feel free to share your experiences in the comments). The point is I believe that the lock screen is overkill.

3 thoughts on “Raiser’s Edge, PCI Compliance and the Dreaded, Buggy Lock Screen

  1. It’s definitely buggy. Making it optional would be a huge improvement.

  2. I was wondering if it was just me. I was also wondering if it has to do with accessing RE through the development environment. Does that affect it? I wonder if “regular” users i.e. non-developers put their machine to sleep (as opposed to turning it off) and then on waking it up and unlocking RE it crashes.

  3. I’m a developer, but I don’t have processes attached to RE7.exe… my applications log in to RE (RE7.exe need not be running) to perform specific tasks, and so bypass the lockouts.
    What I have noticed though is that: it doesn’t always lock one out; if you have a dialogue box (such as Open Constituent) open and it locks you out then you can’t get back in at all; and that if you have more than one instance running it may lock you out of one instance but not the other.

    As for “Sleep” I don’t know, but I do know RE does not handle Hibernate very elegantly (ie; do not hibernate unless you’ve saved all your work).

Comments are closed.