Many Orchid products can be used to add additional layers of security, either proactive or reactive, to Sage 300
Security is about much more than remembering to lock the office door behind you, or scanning your emails for viruses.
If we take a broader view, anything that can help identify or mitigate threats to your business might be considered part of your security regime:
- Some security threats are external, but when it comes to fraud the sad reality is that risk is far more likely to be inside the business.
- Technical problems like data corruption might not involve any malicious action, but that’s small comfort when they result in disruption to your operations and start impacting your bottom line.
Let's start by unlocking the potential of these Orchid modules
- System Checks: Schedule regular database dumps, disk space checks, integrity checks and system audits to identify and resolve issues early, avoiding potentially harmful consequences.
- Custom Tasks: E.g. schedule Extender scripts to search for unusual journal entries, or unbalanced clearing accounts, and raise alerts
- Refresh Cubes: E.g. in the lead up to month end, refresh and distribute an Info-Explorer cube that can be used to identify old unposted batches, clearing or suspense accounts with non-zero balances, etc.
Learn more →
- Event logging: Logging changes to sensitive fields (e.g. Customer Credit Limit or On Hold flag) can help detect or discourage potentially fraudulent activity
- Access logging: All Sage 300 logon events can also be logged., e.g. to identify suspect after-hours access
- Custom validation controls: E.g. Admin users can change a Customer Credit Limit to a maximum of X, other users can only change it to a lower limit of Y
- Transaction-level controls: E.g. during Order Entry, don’t allow changes to Unit Price that would undercut minimum margin
- Event Notification: Selected events could trigger an email, or be recorded in an Orchid Note for increased visibility
- Approval Workflows: Enforce 'separation of duties' so a user cannot post a batch that they themselves have created
- Other Custom Scripts: E.g. call a web service to validate company details, or generate an SMS for real-time escalation of an event.
Learn more →
- 2-step processing: Changes to Vendor, Customer or Employee bank account details must be validated by a different staff member before they take effect
- Bank account number encryption: Account numbers are stored in encrypted form, and masked when displayed. Only authorised staff can see them in full.
- Audit logging: Details of any changes to Vendor/Customer/Employee records, as well as the creation of payment or receipt batches, are recorded in an audit log.
- Cheque replacement: Transitioning from paper cheques to secure electronic payments removes the opportunity for cheque fraud
- Positive Pay: Where payment by paper cheque is still required, EFT Processing can still help reduce the risk of cheque fraud by generating ‘Positive Pay’ files for participating banks. (The bank won’t honour presented cheques unless they match details on these files.)
Learn more →
Watch our Enhancing Security Video
Anne discusses and demonstrates the security features and benefits or selected Orchid products, with a particular emphasis on those listed above.
“Process Scheduler has worked really well for us. It gives us a great deal of confidence in the integrity and security of our data.”
CRAIG HAMMOND, CANCO CRANES, NORTH VANCOUVER, BC, CANADA
Still feeling insecure?
These Orchid modules, amongst others, can also contribute to a tighter security regime
- Inter-Entity Suite: Automating complex accounting entries reduces opportunities for fraud and improves the transparency for transactions spanning multiple entities
- Bin Tracking & Return Materials Authorizations: Improved visibility of inventory locations and stock movements leads to reduced stock losses and leakage
- Notes & Document Management Link: Improved access to information and documents not only supports collaboration but increases transparency.
- Info-Explorer: build cubes that support analysis of business data, highlight anomalies, and allow drill through for investigation