Staying Secure In 2019
Being secure is important, especially with data breaches being such a hot topic in 2018. It is good practice to make sure you and your business are doing everything to stay secure all year round. Below are some tips that are good practice for both the boberdoo system and just in general.
Unique Usernames & Passwords Per User
Make sure everyone has their own admin login. We have seen users and clients use the same admin account across multiple employees, which in turn, leads to a lack of transparency of who is doing what and puts the business at risk. Make sure everyone has a unique username & password and utilize user groups to allow employees to have access only to the pages that are relevant to their jobs.
Change Your Passwords
The more often passwords are changed the better, such as every 90 or 180 days. If the passwords in your system have not been changed at all this past year, it is probably a good idea to change them. The longer and more complex passwords are, the better. Be sure to use all those uppercase, lowercase, numbers and symbols. Also, please do not make your password "password" or your birthday.
Just like extra layers on a cake, an extra layer of security is always a good idea. With two factor authentication, you can use your phone number or another email to authenticate when a password is being changed or a new device logs into a system.
Lock Admin Logins To Specific IPs
In Settings under both User or User Group in the system, you can set specific IP addresses, for a group such as a call center, as well as what IP addresses each user is allowed to log in from. This is important to make sure that you users are logging into the system from secure IP addresses.
Delete Old Users
It seems simple, but sometimes simple problems are the most costly. When a user leaves your company for any reason, delete their U/Ps make sure that they do not have any way to access anything that has to do with the business.
Control Lead Exporting
In the boberdoo system specifically, under Manage User Groups, there is an option for "Can email leads" which allows you to determine if that group can export leads while boberdoo's secure mode allows exports to be logged. Work from "less to more" when it comes to who can do what in your system.
Review user group permissions
Creating specific user groups that only allow users to perform tasks related to their jobs is a good idea. Take the time to look through your users, and what they are, and are not, able to do. Evaluate and decide if they really need to be able to do what they are allowed to, because accidents happen.
It is our belief, here at boberdoo, that businesses should only hold on to data for as long as it takes to complete what they are using it for. Therefore, one of the biggest aspects of security in the boberdoo system is secure data retention. This is important because lead companies typically hold on their data longer than necessary, which is a potential liability and in turn, ends up putting their business at risk. Is your lead system positioned for secure data retention? If not click here to learn more and explore how boberdoo can help your business.