A subject that is always close to hand is that of security and the cloud. This is a broad issue that cannot be easily answered in a media-friendly snapshot. Ask yourself how safe is your office? You may have brand new locks on the doors, but haven’t got round to securing the windows. And those locks seem a lot less safe when you think about the spare key you leave at the often unattended reception desk. If you take a look around, you might see old water pipes, overloaded power points and wiring that could do with an overhaul. The more you think about security, the more complex an issue it becomes.

A cloud-based CRM solution too comes with its own set of questions that address security. You need to think about how to access the system, how to set permission levels and how to prevent the destruction or theft of data. Setting up your system requires careful consideration to achieve the right balance of security without compromising on user-friendliness.

We have been carrying out plenty of checks to make sure the OpenCRM office is as secure and safe as can be. Here are a few security measures we have or are currently putting into place:

Log-In Details are not saved. This is to prevent a “key under the mat” scenario. When you log out, your details are not saved, so anyone attempting to access your log-in will have to know your full username and password, these won’t be automatically filled in when someone start to type.

Profiles and Roles. You can decide on a number of levels which information and which records are accessible to which group of users. An example of this is to set fields on a record such as User Name that can only be edited by users that have access to that role. This is a measure that can be used to safeguard certain information against tampering.

User Restrictions. As well as setting limitations of access at profile and role level, you can also restrict accessibility on a user level. These measures allow you to control viewing and editing of information just how you and your organisation need to.

Audit Trailing. If you are under the impression that there is suspicious activity happening in your CRM solution, using the audit functions can show you details of when a record has been edited, what has been edited and who was responsible.

IP address restrictions and permissions. You can control which accounts can be accessed from which IP addresses. This protects that user’s account from being accessed from addresses other than those specified, if this setting is enabled.

Password Policy settings. Within OpenCRM there are a number of rules at your disposition to set a password policy for your organisation. These include enforcing minimum password length, use of mixed letters, numbers, symbols, upper and lower case and not being able to use dictionary words.

Of course the more complex a password becomes it also gets harder to remember. With this in mind, we have made it easier for your admin users to unlock accounts if they have been locked by accident.

For more information about you and your CRM security do not hesitate to give us a call or drop us a line.

You may have noticed that we don't have a Remember Me option on our login page. This is because it is not good practice to save login details for systems that contain sensitive data.

If this option were configured, people who have access to your computer could access your protected systems without any user control, they could impersonate you and potentially cause havoc in your name.

Even though we do not have this Remember Me option your internet browser does have technology built in that will prompt you to save your username and password when you enter login details. We strongly advise that you do not use this feature, should your computer fall into the wrong hands your access to OpenCRM will not be compromised!

From OpenCRM V3.02 this browser save feature is disabled by default and although not every browser implements the standards that we adhere to major browsers will no longer ask if you want to remember the username/password for this page.

I read an article this week about a bank that accidentally revealed customer email addresses by sending a mass email and using the “to” field instead of “bcc”. Of course accidents happen and human error needs to be factored in. The fact that this has happened to a financial institution where stability and security are core values is somewhat worrying but I guess that’s not the point here.

Had they been using OpenCRM this would not have happened.  Using the Email Module in OpenCRM all addresses in the “to” field receive a separate email. You can put all the addresses required into the “to” field, and clicking on send will send the emails separately. Using our Pop2OpenCRM mail service you can archive all your email communication within your OpenCRM system. For details of how Pop2OpenCRM works please find more information here or contact us.

Using the cloud for your data storage is like putting your money in the bank. Of course you can keep your money under the mattress at home. It’s right there under you as you sleep. Using a bank you are entrusting someone else with your money. As time goes on, the bank works for you, they make you all kinds of offers, from loans to interest, to advice.  And your money is stored virtually – the branch you normally deal with doesn’t have a pile of banknotes (or IOU’s) in an envelope with your name on them.  You can access that money from any branch, ATM or location where your card is accepted. And your finances are safe from natural disaster.

With your data it’s pretty much the same story, except that of course you can duplicate data, you can store as many copies as you like. But the mechanics of cloud storage can be likened to how your money works in the bank. Using the cloud you can access your data from anywhere.  Using PIN numbers you prevent others from accessing your data. Your web host is also working for you. Taking measures to improve data security, and working on increasing your storage space – your virtual bank account.

Just as a bank can be robbed, online data storage is susceptible to attack. Recent cases involving Sony data goes to show that high-profile security breaches are an everyday risk. Fortunately most data centres use high levels of encryption to ensure that sensitive data has additional layers of security.

Sales Pitch: OpenCRM subscriptions come with a huge storage space for your data and we take your information security seriously. For further reading: http://opencrm.co.uk/why-host-your-crm-solution.html