Article
August 2023
On Keeping your data safe
Today data is money and we have seen instances where critical data was stolen.
OurSys has many measures to protect your data. This artcle shares dos and don'ts for security.
Here is how you can secure your data
IP Locking
This feature will restrict people from accessing OurSys from outside your premises. You will need static IP for each of your location for this.
Then you can set up the allowable IP addresses. This setting is only with the admin.
For Sales, Service & Management people there is a provision to bypass the IP lock. For them there are other ways to secure.
Double Authentication
OurSys has the facility of setting OTP as an additional layer of security for logging in. You can go to user master and enable OTP based access. The OTP is sent by email to the
official email address set in the employee master. Before turning this on, ensure that the employee master has the correct email address and system email configuration is completed.
If you need any help, do put in a service request.
Blocking of Ex-Employees from system
Whenever an employee resigns / retires, as a part of exit procedure, that employee should be marked as 'Ex-Employee' in the employee master. This will automatically mark the corresponding user as inactive.
Role wise rights
As a good practice, access rights to the links should be based on the role of the person and should be reviewed periodically.
Irrelevant links should be removed.
Setting Sales region for Sales team
Set up Sales Regions. All customers must fall under some Sales region. Sales person must be given rights to only relevant regions. Then that person will have access to only customers of those regions which have been assigned.
In case a sales person tries to steal data, he / she will not have access to full list of customers, enquiries or orders.
Remove access of Excel download
OurSys has the provision to control who can download data in Excel. Unless it is important, this feature should be disabled.
Use 'Functional Admin' feature of OurSys
OurSys has the provision to have department wise admins. Example: HR admin has rights to salaries and even Admin cannot see it. Ensure that right people are made Admins.
Use Customer Code in Production
In case you wish to restrict production from knowing the customer name, you can enable the Customer Code feature. Once you enable this, only Customer Code will be visible instead of the name.
Create Purchase regions to protect Supplier names
In case you wish to keep the name of certain suppliers secret to few people, it can be achieved in OurSys using Purchase regions. For example: You can create 'Import' as Purchase region and assign suppliers into that region. Further control access to these regions.
Protecting Customer Item Codes
If you do not wish to disclose the customer item code beyond sales department, you can add similar general item in item master and use Customer Item No and Customer Description fields in Enquiry and Order. This way the production, quality and all others will see master item.
Whereas customer code and description will appear on all customer centric documents such as Quotation, Order Acknowledgement and Invoice.
Protecting Supplier Item Codes
If you do not wish to disclose the supplier item code beyond purchase department, you can add similar general item in item master and use Supplier Item No and Supplier Description fields in Purchase Order.
Password best practices
- Do not share password
- Change password frequently
- Do not save passwords in browsers. If somebody else sits on that computer, your access will be available to that person.
- Senior officers with permissions to masters and authorisations must have double authentication enabled.
We hope this information was useful. Do give us your feedback.
Feedback
Was this article useful to you? Do let us know how we can further improve. Your feedback is precious to us.
Please click here to give us your feedback.