Many Orchid products can be used to add additional layers of security, either proactive or reactive, to Sage 300.

Security is about much more than remembering to lock the office door behind you, or scanning your emails for viruses. If we take a broader view, anything that can help identify or mitigate threats to your business might be considered part of your security regime:

  • Some security threats are external, but when it comes to fraud the sad reality is that risk is far more likely to be inside the business.
  • Technical problems like data corruption might not involve any malicious action, but that’s small comfort when they result in disruption to your operations and start impacting your bottom line.

Many of Orchid’s products can be used to add additional layers of security, either proactive or reactive, to your Sage 300 environment.

Our video and commentary below goes into detail on the security features of EFT Processing, Extender and Process Scheduler.

Many other Orchid products can also play a role in enhancing security, not least:

Watch our 'Enhancing Security' video

Click the image above to watch the recording of our 'Enhancing Security' webinar.

Anne discusses and demonstrates the security features and benefits or selected Orchid products, with a particular emphasis on the following:

EFT Processing

  • 2-step processing: Changes to Vendor, Customer or Employee bank account details must be validated by a different staff member before they take effect.
  • Bank account number encryption: Account numbers are stored in encrypted form, and masked when displayed. Only authorise staff can see them in full.
  • Audit logging: Details (who/what/when) of any changes to Vendor/Customer/Employee records, as well as creation of payment or receipt batches, are recorded in an audit log.
  • Cheque replacement: Transitioning from paper cheques to secure electronic payments removes the opportunity for cheque fraud.
  • Positive Pay: Where payment by paper cheque is still required, EFT Processing can still help reduce the risk of cheque fraud by generating ‘Positive Pay’ files for participating banks. (The bank won’t honour presented cheques unless they match details on these files.)


  • Event logging: Logging changes (who/what/when) to sensitive fields (e.g. Customer Credit Limit or On Hold flag) can help detect or discourage potentially fraudulent activity.
  • Access logging: All Sage 300 logon events can also be logged. (E.g. to identify suspect after-hours access.)
  • Custom validation controls: E.g. Admin users can change a Customer Credit Limit to a maximum of X, other users can only change it to a lower limit of Y.
  • Transaction-level controls: E.g. during Order Entry, don’t allow changes to Unit Price that would undercut minimum margin.
  • Event Notification: Selected events could be recorded in an Orchid Note for increased visibility. They could also trigger an email.
  • Separation of duties: A custom Extender script could enforce a rule that a user cannot post a batch that they themselves have created.
  • Other Custom Scripts: E.g. call a web service to validate company details, or generate an SMS for real-time escalation of an event.


Process Scheduler

  • System Checks: Schedule regular database dumps, disk space checks, integrity checks and system audits. (Identify and resolve issues early, avoiding potentially harmful consequences.)
  • Custom Tasks: E.g. schedule Extender scripts to search for unusual journal entries, or unbalanced clearing accounts, and raise alerts.
  • Refresh Cubes: E.g. in the lead up to month end, refresh and distribute an Info-Explorer cube that can be used to identify old unposted batches, clearing or suspense accounts with non-zero balances, etc.