Your Prelude Desktop product allows you to control who uses which parts of the system by either linking passwords to specific tasks or to users. There are many reasons for doing this, some of which are listed below:
To protect personal privacy – your system may well contain personal information (e.g. customer’s birth dates, home addresses etc.) that you use for marketing and relationship management. There are also legal rules around the collection and storage of certain types of data. Be aware of GDPR.
To protect your business interests – your system will contain commercially sensitive information (such as product pricing, stock locations etc.) Loss or corruption of this data could erode your market position and profitability. To process data more efficiently – by allowing, say, staff processing sales orders to only use those parts of the system that are relevant to these tasks, you can encourage an ordered approach to processing.
The extent to which you control access to the system depends on the number of users and the physical location of the assets. Remember that password protection will not stop physical damage to or theft of computer equipment, and that this will also have a detrimental effect on your business. We recommend that you draft a written Security Policy (see below). In its simplest form, this should set out an inventory of IT equipment by location and their values, names and designations of persons having access to systems (Access Rights), the name of the System Administrator (who has responsibility for controlling system access and physical security), and password conventions and formats.
The System Administrator need not necessarily be an IT specialist – they should, however, be a trusted senior staff member. Your Prelude Desktop distributor will be happy to advise you on this.
A security policy is a document that states in writing how a company plans to protect the company’s physical and information technology (IT) assets. A security policy is often considered to be a “living document”, meaning that the document is never finished, but is continuously updated as technology and employee requirements change. A company’s security policy may include an acceptable use policy, a description of how the company plans to educate its employees about protecting the company’s assets, an explanation of how security measurements will be carried out and enforced, and a procedure for evaluating the effectiveness of the security policy to ensure that necessary corrections will be made. This varies in complexity – a large number of users spread out in different locations will require more complex arrangements being in place than a small network all based in a single room. The policy needs to state clearly who the owner and sponsors are and who is responsible for updating this going forward.
Passwords should be changed regularly. The frequency of change should be set out in the Security Policy. As far as possible the System Administrator should encourage the use of Strong Passwords. These are passwords that are difficult to detect by both humans and computer programs, effectively protecting data from unauthorized access. A strong password consists of at least six characters (and the more characters, the stronger the password) that are a combination of letters, numbers and symbols (@, #, $, %, etc.) if allowed. A Strong Password contains letters in both uppercase and lowercase. Strong Passwords also do not contain words that can be found in a dictionary or parts of the user’s own name.
Types of Security:
Your Prelude Desktop product allows two mutually exclusive methods of controlling access to a company. This operates by the System Administrator granting users Access Rights to the system, as follows:
Task-Based Security. This uses a series of single passwords, one for each of 5 Levels (1=highest Level, 5= lowest Level). Each processing task is then assigned a number corresponding to a level. Each user is assigned a password, and depending on the level to which this relates, they can then access all tasks with that level and any lower levels. A Level 3 user, for example, can access all tasks set to Levels 1 through 3, but not those at Levels 4 or 5. See Task-Based Security for details. Generally this works best with a small number of users as the number of available passwords is limited.
User-Based Security. Each user is assigned a Login Name and Password of their choice. Supported by the System Administrator, they will then select the required processing tasks. See User-Based Security for details. The System Administrator can display a list of users on the system at any time during a session by clicking the Display Users option on the security menu. The display shows the username, the machine they are using, the date and time of user login and the company name and number being used.
There is a third method of controlling access to a company which is Login-Based Security. This is ideal for networked and hosted installations as Access Rights set in the methods above can be directly assigned to a Windows login ID and manual login to your Prelude Desktop software can be automatically bypassed. See Login-Based Security for details. Contact your Prelude Desktop distributor about this specially-activated feature.