Click the image above to watch the recording of our 'Enhancing Security' webinar.
Anne discusses and demonstrates the security features and benefits or selected Orchid products, with a particular emphasis on the following:
- 2-step processing: Changes to Vendor, Customer or Employee bank account details must be validated by a different staff member before they take effect.
- Bank account number encryption: Account numbers are stored in encrypted form, and masked when displayed. Only authorise staff can see them in full.
- Audit logging: Details (who/what/when) of any changes to Vendor/Customer/Employee records, as well as creation of payment or receipt batches, are recorded in an audit log.
- Cheque replacement: Transitioning from paper cheques to secure electronic payments removes the opportunity for cheque fraud.
- Positive Pay: Where payment by paper cheque is still required, EFT Processing can still help reduce the risk of cheque fraud by generating ‘Positive Pay’ files for participating banks. (The bank won’t honour presented cheques unless they match details on these files.)
- Event logging: Logging changes (who/what/when) to sensitive fields (e.g. Customer Credit Limit or On Hold flag) can help detect or discourage potentially fraudulent activity.
- Access logging: All Sage 300 logon events can also be logged. (E.g. to identify suspect after-hours access.)
- Custom validation controls: E.g. Admin users can change a Customer Credit Limit to a maximum of X, other users can only change it to a lower limit of Y.
- Transaction-level controls: E.g. during Order Entry, don’t allow changes to Unit Price that would undercut minimum margin.
- Event Notification: Selected events could be recorded in an Orchid Note for increased visibility. They could also trigger an email.
- Separation of duties: A custom Extender script could enforce a rule that a user cannot post a batch that they themselves have created.
- Other Custom Scripts: E.g. call a web service to validate company details, or generate an SMS for real-time escalation of an event.
- System Checks: Schedule regular database dumps, disk space checks, integrity checks and system audits. (Identify and resolve issues early, avoiding potentially harmful consequences.)
- Custom Tasks: E.g. schedule Extender scripts to search for unusual journal entries, or unbalanced clearing accounts, and raise alerts.
- Refresh Cubes: E.g. in the lead up to month end, refresh and distribute an Info-Explorer cube that can be used to identify old unposted batches, clearing or suspense accounts with non-zero balances, etc.