Preventative measures

It’s a good idea to ensure that any relevant measures from the list below are in place whenever a new system is set up or a new user is added.

Roles and privileges

A comprehensive roles and privileges system ensures that only the people who should have access to change a particular type of information can do so. Other users can be set to read-only, or no access at all. Privileges can be set on a per-table basis.

Row level access

Even if a user has access to edit data from a particular table, you may only want them to see a subset, e.g. sales opportunities they own. An administrator can set that up.

Record level locking

You may only want records to be available to be edited for a certain amount of time, e.g. sales orders might be editable before dispatch but not after.

Field level locking

Certain fields may be very important, for example product codes. An extra level of protection can be added to lock those fields against accidental edits, requiring a ‘reason for changing’ to be entered to unlock them. The reason is logged with username and timestamp.

Customisable logout time

Each user can choose a period of time after which the system will automatically log them out if they’re inactive. Choosing a low number like 5 minutes can protect against e.g. leaving their laptop open whilst away at lunch.

Dependency rules

Data is usually related to other data in the system. For example, there’s a link between a contact and the organisation they belong to.

When a user tries to delete a record such as an organisation that has linked contacts, the system can prevent that, allow it (removing linked items as well) or remove only the main organisation record, leaving contacts in place but removing their links to the organisation. Prevention is the default, forcing the user to manually delete each dependency first.

These rules can be set individually for each type of data by an administrator.


Last modified October 11, 2023: Create preventative-measures.md (ae75aeb)