Understanding Profile Expiration Policy
The Profile Expiration Policy is a crucial aspect of managing user data within The Alcatraz System. This section provides comprehensive configurations related to how user profiles are handled over time. Here, we will explain the various facets of the Profile Expiration Policy and its implications for system administrators and users.
Time Zone Selection
By default, visitor badges and profiles are set to expire at midnight UTC. By changing the Time Zone, administrators can configure the system to align with the local time zone of the organization.
Regular Profiles
By default, profiles are set to never expire. This means that once a profile is created, it will remain in the system indefinitely unless manually deleted by an administrator.
Retention Period
Optionally, the system can be configured to automatically delete profiles that have been inactive for a specified number of days. This feature helps maintain a clean database by automatically removing inactive profiles of visitors, past employees, and others who are no longer using the system.
Exclusion List
Profiles that are included in the exclusion list are set to never expire, regardless of inactivity. This is particularly useful for VIP users or remote users who only occasionally visit a site and do not want to go through the enrollment process each time.
Click + Add to Exclusion List
and then enter the card format, facility code, and card number to be added.
Visitor Profiles
Visitor profiles are predefined cards entered into the platform to streamline visitor check-ins. These profiles expire daily at midnight in the timezone specified above, making the badges available for new visitors the next day. More information can be found here: Visitor Profile Configuration.
Profile Bio Opt Out
The Bio Opt-Out functionality allows Account Administrators to maintain a list of cards for personnel who do not want to be enrolled in the Alcatraz system. More information can be found here: Bio Opt-Out Configuration
Security and Logging
When a profile is deleted, whether due to expiration or manual intervention, a 'Profile Deleted' security event is logged. This ensures that there is a traceable record of all deletions, enhancing security and accountability within the system. Administrators can review these logs to monitor and audit profile management activities.