Five-step checklist for account security that’ll make Mona Lisa jealous

Ordermentum’s new user controls are great for protecting your Ordermentum account from predictable human error. Find out what you need to make sure you’re ticking off.

While you may not want a 6ft7 security guard and bulletproof glass for your Ordermentum account, you should use the best security features available. 

Account Security Checklist for Suppliers


  1. User roles protect your account 
  2. Staff should never share logins
  3. Use password managers for extra security
  4. Use Google and Apple two-factor authentication
  5. Use audit logs to monitor suspicious activity

1. User roles protect your Ordermentum account from human error

User roles (otherwise known as ACLs) are great for establishing structure around different roles and tenure in your business, ensuring that newer staff members do not have access to the moving parts of your Ordermentum machine before they’re properly trained.

User roles have the added benefit of stopping nosey nellies in their tracks as they try to get a glimpse at your confidential numbers as user profiles can be limited to what they can see and do.

User roles protect your Ordermentum account from human error


2. Staff should never share logins

It’s important for all staff to have individual logins to Ordermentum, as shared logins enable staff to access your Ordermentum account, possibly even when they’re no longer a staff member, and this means you can’t track who is doing what.

As soon as you’ve finished using Ordermentum on your computer or mobile device, you should log out so that the next person using Ordermentum needs to log in to their own account. This gives you visibility over movement in your account. If a staff member leaves your business, you’re able to delete their user profile which removes their access.

Remove access from previous staff members

It might seem like a no-brainer but many businesses forget to remove the login for a staff member who has left. To remove access, go to Settings > Users and then click 'Remove user'.


3. Password managers should be used for all logins

Suppose you do need to use a shared email account that accesses Ordermentum or any other important business software. In that case, you and your colleagues need to use a password manager so that none of you knows the password.

What’s a password manager?

It's a secure password application you download on mobile and laptop which can be paid or free, that creates new encrypted passwords for each of the logins you use it for. Instead of you typing in your password, it will type in the encrypted password for you. This saves you time and also keeps the password secure.

4. You can use Google and Apple two-factor authentication

If you sign up to Ordermentum with your Apple ID email or your Gmail account, you’ll be able to use two-factor authentication (2FA). You’ll keep your Ordermentum account extra protected by using 2FA, as it’s the latest security technology to protect individuals and businesses from malicious activity.

What is two-factor authentication/2FA?

Have you ever logged in somewhere and then a code has been sent to your phone to confirm that it’s you? That’s 2FA at work, and it’s a high level of account protection. If you would like 2FA but don’t have an Apple account or a Gmail address, Gmail accounts are free to create.
 


5. Individual logins + user controls + audit trail = security heaven!

Once you’ve set up your staff with the right user roles, they’ll have individual logins to Ordermentum, which means you can use the ‘Audit trail’ to view time-stamped activity about their actions in your account. This makes it easy to check what your staff are up to and also makes it simple to fix mistakes or other issues that might crop up. It also allows for identification and training of the right people in your team.

Simply, it lets you rest easy and know about the who, when and what, with all staff activity in your Ordermentum account.

We hope these tips help you keep your account more secure. And, as it’s not the most thrilling topic, here’s something to lighten the mood:

Q: Why shouldn't you use ‘BeefStew’ as a password? 

A: It’s not stroganoff. 😉 

If you have any questions, please reach out to your Customer Success Manager at any time.