Security overview - securing your database

Authentication

The first component of securing your database is controlling who can access it.

Video credits

As was outlined in the video above, you ensure the security of your database firstly by:

  • Managing the password settings that apply to user logins.
  • These are the rules applied when new passwords are created and when users log in to the system using these passwords.

    You also specify how long the mobile app can be inactive before logging out a user.

Further information

Since the video was created we have added the ability to log in with a Microsoft account. This convenient method provides the additional security of multi-factor authentication (MFA). See Sign in with Microsoft account for details.

Authorisation

Next you need to carefully control what they can see and do in your database.

Video credits

As was outlined in the video above:

  • Manage what users can do and see in your database by connecting them with security groups.
  • You make each user a member of one (or more) security groups. These are collections of permission settings that minutely specify what can be done and seen by the members.

  • You may also want to customise which cases users can access.
  • The default is to only allow access to a case when the user is specifically connected to it.

    You can extend this access through user memberships in case offices, teams and categories. These are set up at the Employee List.

Further information

General security awareness

It is also recommended that staff take a general security awareness course.

Backup

Lastly, while not strictly speaking a security issue, backing up your database is tremendously important. if you're not sure, ask yourself:

What would I do if I lost everything I had entered into Case Manager since I started using it?

This could result from incidents such as accidental deletion of files, infection with an email virus or a major fire. You could only recover with minimum loss of data if you'd been carefully following a backup process.

If your database is hosted by Chameleon Software we have already put best practice backup procedures in place. If not, you need to familiarise yourself with Backup best practice and make sure these guidelines are followed at your business.