Security considerations

By 7th February 2017 February 8th, 2017 Blog

Here at Speed-IT the security of your data is a primary concern. We are constantly reviewing our procedures, security on our servers etc. The EQSPRO user community can improve security by reviewing passwords and privileges.

Passwords

Passwords are a nuisance, difficult to remember, awkward to input, just a constant delay when you are busy. So, let’s make them easy, all lowercase, use the dog’s name or your birthday! But remember, this is the key to data you should be protecting for your employer. If stolen this might embarrass your company and cause financial loss. It is important to choose a strong password and to change it on a regular basis.

To help users achieve a basic objective we recently forced a password change (EQSPRO V2.02.03). Passwords must contain 1 uppercase, 1 lowercase, 1 digit, 1 symbol and be at least 8 characters in length. Most users set good strong passwords but a number decided to use their names, system id’s etc. These make weak passwords especially when several users get together and share the same password. This is your data and your livelihoods. Please don’t make it easy for hackers to take it away. Administrators should review passwords and improve the weak ones as a priority.

Privileges

That’s external security but what could you be doing internally to protect your valuable data? Address this by looking at what users do and how they use EQSPRO to successfully manage their jobs. Restrict the administrator privilege to one or two individuals. Ideally don’t allow users to see the user and privilege screens – these are administrator tasks. Build several privileges, one for operational staff, one for managers and one for accounts staff etc. Only the system administrator should be allowed access to everything. Be careful about who can print reports, e.g. don’t allow sales people to print out a full list of customers.

And when somebody leaves? Don’t forget to update their user record to “inactive” (IN)!

A knowledge article is available for download from the Help Desk (KA #7424 EQSPRO Password Rules).

If you have any questions or would like further information on any of the points raised, please contact Support through the Help Desk https://eqspro.assist.com where we will be happy to help.