Just as you have physical security around your business you should employ security inside your COSTAR system.
Are you taking the appropriate precautions for software security? If not, chances are it may be possible for an unauthorised person to gain access to the confidential elements of your auto business.
How to protect your workshop’s data
Within COSTAR there are different degrees of protection you can apply – from least secure to advanced measures – in order to strenghten the security in your business.
- Least secure – Generic logins, no password.
- Moderately secure – Individual logins and passwords.
- Advanced security – Individual logins, passwords and PIN protected events.
To improve your overall COSTAR security, we highly recommend moving away from generic logins and instead set up individual or group logins (Employees -> Employee Maintenance – login name, Password, PIN etc). Once employees are configured their details are used in the COSTAR Login Screen, Order Entry, Purchase Orders, Customer Maintenance, Technician Inquiry, etc. and their access can be assigned to suit their responsibilities. Having employee logins and prevents any unauthorised people from logging into your system and accessing confidential data.
Assigning Permissions adds another level of security to your business and can be applied to any of the above login methods, however they are only as good as the security level that protects them.
Events may be set up to use a choice of either Override Passwords or PIN. PIN’s are firstly set by the employee in Employee -> Employee Maintenance and subsequently, any activity that you require to be PIN-protected is configured in Settings -> Passwords and Events where you nominate which employees PIN’s are authorised for the particular event.
Permissions
The first step is assigning different levels of permissions to your employees. This limits their access to certain sections of your system. If you missed our article on COSTAR Permissions, you can catch up here.
PINs
When onsite visiting our clients, we’ve found the front computers are typically always logged in as ‘Sales’ and everyone uses them. That makes your day-to-day operations convenient but not very secure. To address this, setting up employee PINs means you’ll be able to identify exactly who went through a logged activity.
This is called the Passwords and Events function allowing for Management Control/Protection to override procedures which make important changes to the system. Events such as changing the quantity of an Inventory Item or deleting an Order Entry document may not only be password protected but may also be tracked and viewed in the “Event Log” function.
This method allows your staff to perform the necessary functions within COSTAR to be able to do their job effectively with minimal interruption and allows you the peace of mind that these events are logged should issues be raised around the activity.
To learn more about Event Logs, simply check out the online COSTAR help file.
Cash Drawer
When completing an Order Entry document/sale if you have a cash drawer connected to your PC it will automatically open. You can set a password to be used only when you want to open your cash drawer from the Menu toolbar. This password does not affect the cashier form that is called when selling an invoice, repair order, etc; in this case, the drawer is opened automatically.
Redcliffe Tyrepower is a huge fan of this feature.
“We love the cash drawer feature; we weren’t going to operate without it. It’s the confidence and security, you don’t have to worry about hanging a key somewhere, it’s locked, and it’s controlled in COSTAR. You’re always in and out of the office so it’s a huge safety feature these days.”
Print before selling an Invoice
Printing an invoice before you have sold it to produce a Proforma Invoice, is extremely handy and sometimes necessary to issue to larger businesses that require a copy to produce a PO number for work to be carried out. However, as extra security for your business, you can make the action of printing before selling a password-able event. Include a PIN so you know exactly which employee had to do this.
Business practices to discourage theft
Implementing some of these processes in your business and ensuring your employees are aware of these checks and balances can work towards discouraging unfavourable and dishonest behaviour. It can be as simple as investigating anomalies you notice or mistakes that are made. Balance the till each day and investigate and fix mistakes, do regular stock counts and monitor jobs left in WIP screens and cancelled documents from Document History. If you’re looking for more info on Day End procedures or Inventory Management in COSTAR, check out this blog post.
As always, contact our Support desk if you have any questions.
