by Harry Hollander of Moraware
When we’re talking to our customers or countertop fabricators who are considering using our scheduling or quoting software, sometimes we get questions about how we protect ourselves (and you) against catastrophes or hacking attempts.
So, what does that mean? How are we protecting against hackers, viruses, and other scary stuff on the internet? Well…
We follow industry best practices. Most of it is pretty boring to talk about, but… We use HTTP over SSL (HTTPS) – that means every web page you access is protected with the same encryption that you use when you do online banking. We encrypt all passwords, which means that neither your admins nor Moraware support can tell you what your passwords are.
We monitor for intrusions. You’d be surprised (well, maybe not) by how much shady-looking traffic we notice probing our servers for vulnerabilities. We apply all operating system and web server patches immediately. We have a team of developers who evaluate security issues every day and do whatever it takes to prevent issues.
Want to get even more into the weeds? One of the big ways to make sure we’re secure is having good systems in place that allow us to recover from a catastrophe. Here’s more info on our servers. In addition to periodic security audits from outside experts, you might also like the fact that we use multiple top-tier data centers. They all have a bunch of certifications including SOC 3 SSAE 16, Privacy Shield, PCI, GDPR… say that fast 3 times.
So what’s the biggest threat we’re worried about? You!
If you don’t want to open yourself up to hacking, here are a few really good security practices.
- Hire employees you trust. This is the number-one place where you’re exposing yourself to security risk. If you hire employees you trust, your whole business will run smoother anyway… just do it.
- Don’t share users. We charge per user, so it might be tempting to share users. In addition to being way less secure, your users will have a less personal experience when they share.
- Use good passwords. Don’t make your passwords blank or trivial, don’t re-use passwords in multiple places, and don’t share passwords. You should probably consider using a password manager. At Moraware, we use 1password.com, and it really helps us with good password policies on our computers and mobile devices.
- Restrict user roles. Instead of making all users admins, you should be restrictive in what users can do. In both CounterGo and Systemize you can customize roles to give the right people access to everything they need to do their job.