Best Practice Security for Computers using Retailer
Best Practice Security for Computers using Retailer
Security is important for any business and it is important that you protect your business as best you can while still allowing the business to operate efficiently. This is not just for the security of you business and customer data but to provide protection against malicious attacks such as ransomware.
Below we will list the things you can do to ensure your computers are as secure as possible. However some of these restrictions may not be for suitable for all businesses. You will need to decide what is your best approach while being aware of the risks associated.
Implementing and managing your security protocols is NOT covered by Tower Support. Any advice provided in relation to the below advice would be considered billable. Windows Usernames and Passwords
The easiest form of security you can enable is having each computer require a username and password to access it. The passwords should be changed every couple of months. A drawback of having usernames and passwords is that you need to ensure that all staff are aware of the passwords so that access is not hampered.
Windows Active Directory via AzureAD or Similar
An option for an additional layer of security (over and above standard windows usernames and passwords) is to implement a domain network where staff logging in are authenticated by a Windows Active Directory service. This option has a not-insignificant cost associated with it. It also means that you will need to allocate staff individual accounts and they would need to use these to access your system. Implementation of this may also have setup ramifications for Retailer, so if you are undertaking this it is likely that you will also incur some billable support work from the Tower Support team.
Remote Desktop
If you are not using Windows Remote Desktop (RDP) this it is highly recommended that you disable this service in windows. If you are using this service then ensure you have a very strong password that is updated regularly. The preferred option for RDP is to use this via a VPN however if this is not possible access should be limited to specific IP addresses. Additionally, when this is used in conjunction with an active directory service, like the one mentioned above, this adds an additional layer of security.
Backups
While the Retailer backup does protect your Retailer data it does not protect anything else on your computer. Our recommendation is to use a cloud backup service that incrementally backs up your entire PC. Consider adding a cloud backup service to any computer that stores any valuable data, not just your server. It is imperative that the service you use has both a local and a cloud copy for easy disaster recovery.
Browser Passwords
While saved browser passwords are very helpful, it does open a risk should your PC be compromised. Our suggestion is to not save passwords, especially for accessing any service that stores sensitive data, like bank login etc. Consider using a password manager such as LastPass or 1password to help you remember passwords.
Emails
Once of the biggest security risks in your business is email. Only open attachments and click on links in emails that you are sure are from known senders. Check email addresses as well as the sender's name. If it sounds suspicious, it probably is.
People Remote Connecting to your Computer/Network
Be careful about who you let take remote control of your computer, ensure they are from who they say they are. If you are suspicious, terminate the call and call the representative back on a publicly available number.
Don't use out-of-date Software, Hardware or Operating Systems.
Keep your systems up to date by ensuring you are running versions of software, operating systems and hardware that are still supported by their manufacturers. Make sure that any updates to software, especially Windows security updates, are loaded as soon as possible. This will ensure that you are not susceptible to any vulnerabilities have been patched by the supplier.
Related Articles
Best Practice for Stocktaking
This advice below is about the best business approach to undertaking a stocktake. For information on how to actually use the software for stocktaking, click HERE Use the Latest Version of Retailer Please ensure you have the latest version of Retailer ...Updating and converting from Retailer 2 to Retailer 3
If you are using Retailer version 2, and updating to the new Retailer 3, you will need to update in stages. Retailer 3 has not been tested on Windows XP or Windows 7, and you should upgrade if you have them. You can check which version you have using ...Security Passwords and changing them in Retailer
What are Security Passwords in Retailer? There are 4 levels of security in Retailer: Level A - No Security, used for open access to areas like POS Level B - Minimum Security, could be used for supervisors in a larger business or as a prompt that this ...Integrate Retailer with CCTV
Retailer can integrate with your instore CCTV system. This can be used to match events from the Retailer Audit Log with CCTV footage. E.g. Opening Cash Drawer without sale, cancelling or deleting a sale, etc. To integrate Retailer to a CCTV system, ...Using Packs in Retailer
Many stock items are supplied as cartons/packs rather than individually. This article explains how to configure cartons within Retailer. Setting Up Packs (Cartons) for Stock Items When following these instructions please ensure you have added your ...