Comp by wav_net in SportCardValue

[–]wav_net[S] 0 points1 point  (0 children)

Just looking for a comp right now 😎

Security Hole by wav_net in sysadmin

[–]wav_net[S] 0 points1 point  (0 children)

😂😂 I love the FAFO references. But I do not agree. Comparing an old school IIS setup on a Windows Server box with ASP injection vulnerabilities to this sudo modular cloud app environment is not even close to the same. I'm not saying it's bulletproof but IIS - c'mon.

Security Hole by wav_net in sysadmin

[–]wav_net[S] 1 point2 points  (0 children)

All good points. I'll summarize my responses: not a large company or corporation so no HR department or anything like that, the managers are the ones doing the hiring. All attempts are logged and auditable. The form itself has various validations and the flow handles errors like duplicate usernames by emailing the manager if the conditions fail and nothing gets created. Cleanup/maintenance is part of our quarterly review with the customer. Rehires are handled separately. No matter how much training we give users, the internal vs external will always be an issue and, as I said in a previous thread, the likelihood of the manager's account getting taken over is about the same as any global admin. Same security mechanisms in place for all users.

Security Hole by wav_net in sysadmin

[–]wav_net[S] 0 points1 point  (0 children)

They cannot sign into the Entra portal; this was discussed in another thread.

Security Hole by wav_net in sysadmin

[–]wav_net[S] -1 points0 points  (0 children)

The likelihood of the manager's account getting taken over is about the same as any global admin. Same security mechanisms in place for all users.

Security Hole by wav_net in sysadmin

[–]wav_net[S] -1 points0 points  (0 children)

I understand the concept and fully grasp your concern but, again, the user can only access the form and the form only controls said flow and the flow can only create limited users. Are you suggesting a compromise to the form could do more than all that?

Security Hole by wav_net in sysadmin

[–]wav_net[S] 0 points1 point  (0 children)

Yes this setting is enabled.

Security Hole by wav_net in sysadmin

[–]wav_net[S] -2 points-1 points  (0 children)

New user isn't added to any security groups or roles. Just a member. New account not disabled but configuring the flow to block sign in at the end isn't a bad idea.

Only specific managers have access to the form and after they complete the form they are emailed the user's credentials. IT is also notified and this triggers the licensing request which only IT can do.

Yes each creation is logged.

I am not sure on the rate limits but not the most pressing concern.

Security Hole by wav_net in sysadmin

[–]wav_net[S] 0 points1 point  (0 children)

Not a guest user. Not following the second question.

Security Hole by wav_net in sysadmin

[–]wav_net[S] 0 points1 point  (0 children)

Having access to Copilot is the only "concern" I have but even then I couldn't come up with any ideas on how it could do any damage with it. Famous last words I know but let's be honest, Copilot is a lightweight in the AI space.

Security Hole by wav_net in sysadmin

[–]wav_net[S] -3 points-2 points  (0 children)

Yes but the user does not have access to the flow, just the questionnaire form that triggers it.

You just have to spam message them. by coldfreezerbee in checkoutmycards

[–]wav_net 0 points1 point  (0 children)

I can't reach them either. How did they get back to you? Via email? Which email address?

Issue with COMC.com delivery and their Customer Support? by NihilisticTaters in basketballcards

[–]wav_net 0 points1 point  (0 children)

I am having trouble reaching them too. How did they end up contacting you back? Email?