I think we can all agree that security is important. Most of us lock our cars and houses on a daily basis. We may keep important files in a locked file cabinet and valuables in a safe or deposit box, but how many companies really take the precautions necessary to secure their e-commerce data? Right now do you know how many people in your company have your passwords and which passwords they have? Do they have passwords that you do not know about? What are they accessing with those passwords? Many business owners do not know the answers to these questions; because they do not take the time to make it a priority, or because they do not have the planning and policies in place to get this kind of information.
One Password to Go Around
In many small businesses there is often just one password and if someone needs access to an area, they are given that password. This makes everything easier right? Sure, but it also clears a path for countless other problems. An employee can exploit that information for their own gain. Someone can leave the company and take the information with them. Information can be shared with other employees who may not have any business knowing about the accessible information. Information can be leaked outside of the company. No matter what the situation, abuse of passwords and the information they make accessible can create a big headache for a company and potentially huge losses in revenue.
Even worse than information being leaked or shared inappropriately, is the potential for misuse. With full access to your site, your employees can do all of the same things in malice that you can do in good practice. They can change your passwords and lock you out. They can assume ownership of the account. Your business can become theirs.
Setting Limited Access
It seems foolish to have to remind someone not to give out their own personal user account information and password, but it bears stating the obvious- do not share your information no matter what the circumstance. You wouldn’t give out your social security number or bank account login information, would you? Then follow the same guidelines online and keep your businesses information secure.
Access Appropriate to the Position
So, how do you give employees the access they need while protecting yourself? In many cases you can set up additional users or administrators with limited access. Any employee that has a reason to view certain company information should be given their own user account. By making additional users you set boundaries for employees. Your bookkeeper can be privy to the invoices and methods of payment on file. You can let your web designer access the FTP files and backend of the site. Your marketing team can track statistics and collect customer information; and all the while no individual can stray to areas that they have no business accessing.
Accountability in All Areas
Another benefit of having multiple users is the ability to track what people are doing. If, as a business owner, you ever run into a situation where there needs to be accountability by an employee for a problem you can eliminate the guess work by researching which user accounts were logged into a particular area. Therefore, separate user accounts help to foster responsibility as well.
Keep it Current
Make sure information is changed periodically for the primary login and all other users in case there is ever a breach of security. If passwords and logins remain the same indefinitely unapproved access by an individual has the potential go on for a long time without being noticed or stopped.
Lock it Up Out of a Thief’s Reach
The scariest situation is doing everything you are supposed to do and it being for naught if someone is able to forcibly steal your information. There is always the chance that your company could be broken into and robbed. Digital information like user names and passwords cannot be locked up like a physical document. The most important thing is to make sure your computer is locked (by password or fingerprint reader) but beyond that you can also protect yourself with an online x drive. This allows you to store your information online and access it even without your computer. Unlike an external hard drive that can be picked up and loaded in a thief’s bag like your laptop, this stores your information out of a thief’s reach.
Volusion Helps You Turn the Key to Greater Security
As a customer with Volusion you can act on all of these security tips with ease. Both the Administrative Area and the My Volusion area allow for multiple users to be set up with different access levels under one “super administrator.” The business owner can then manage all employees’ access levels and can even see which user(s) have modified a particular area of the site, to see exactly what was changed and when. The passwords for both areas (as well as your users’ passwords) can be changed online 24 hours a day. And lastly, 24×7 technical support is available to assist you with making sure your site is as secure as you need it to be!
For more information on securing your Volusion store:
Adding New Administrator Accounts to Your Volusion Store
Admin History – What Does it Do?
Adding Users to MyVolusion.com
-Kate Pierce, Volusion