Security capability is crucial within any accounting system, after all it holds all your financial data! As we move into an era of Cloud Accounting, security plays on the minds of many. So, today we are going to take a look at some of the most useful security features within Sage Live. Sage Live is built on the Salesforce platform, so shares lots of its capabilities, security is a big part of this.
Login HoursSage Live allows you to apply time restrictions on when your employees can actually log into Sage Live. One of the great things about Sage Live is the ability to access your accounts anywhere, anytime.
With this is mind you may not necessarily want certain users to login into your accounts when they are out of work. You do therefore have functionality to limit what hours they can log in between. For example Monday-Friday could be 8:30am – 5pm. Then at the weekend you can fully restrict access to logging on.
IP RestrictionsAs Sage live is built on the SalesForce platform you are able to restrict what IP Addresses users can log in from. By doing so, you can control which computers and locations people can log in from. There are two ways you can do this:
- Add computers to your trusted list of IP Addresses. If you log into a machine that isn’t on the trusted IP Address list then you will be asked to add it to the list via email.
- Specify a range of IP Addresses that are allowed access, for example; all IP Addresses within your company building. Anything outside of the range, will not be allowed access.
Permission LayersWithin Sage Live, data is formatted into 4 layers; these 4 layers are your Org, Objects, Records and Fields. Security can be applied to every layer within this system. Lets take a closer look at each level.
Your Org is your Sage Live Organisation as a whole. Both the log in hours and IP restrictions are applied on an Org level. Any Org-wide settings will apply to everyone and everything.
Objects are the individual sections of the system. For example, Accounts, Contacts and Products are all Objects.
You have control over what can be done within each Object. You can choose whether the user can Read, Edit, Create or Delete depending on their assigned Profile. For example, you may want certain people to be able to Read, Edit, Create and Delete accounts whereas you may only want others to Read these Accounts.
Within your Objects, you have Records. A record would be Account X, a case, an opportunity etc.
Record Owners have special privileges over their records. What records each user has access to, is controlled by the Role Hierarchy. This means you could configure the system so that a user can see their own records, but not their colleagues records. Additionally, because of the role Hierarchy a manager may be able to see not only his own records but also those who directly report to him/her. The Hierarchy doesn’t just control what you can see, it also controls what you can do to those records.
This is the information that makes up your Record. For example, within an Account you have the fields Account name, Account number, Account Owner etc.
Within Sage Live, it is possible to set up Field Level Security. This means users from different profiles, may have different access to that field. You have three options when setting Field Level Security. The first of which, is Visible. If a field is Visible, you can see and edit the field. When the field is set to Read Only, the user will only be able to read the field and not edit. then that field will not show for all users in that profile. If neither setting is selected, then you will not be able to see the Field at all.
Password SecurityPasswords are the first line of defence! Having a secure password is a necessity. Sage Live gives you the ability to set up prerequisites for when your users create their passwords to make sure that everyone who signs into your org has a strong password.
You can also control how many attempts a user is allowed to enter their password before they are locked out and also you can control the length of time the user will be locked out for if they do get their password wrong multiple times.
If a user does forget their password and has to change their password you don’t want them to change it to a previous password they have already used. You can set up how many previous passwords the system will remember for that user and will not allow the user to enter the same password that they have used before.