|
|
|
SECURITY QUESTIONS AND ANSWERS
|
|
|
5
RED FLAG REPORTS
Not every blip means trouble, but it could
mean you should take a second look. There are dozens of
reports in Clients & Profits that can help you spot
trouble. Here are the Fab Five that watch commonly manipulated
numbers.
 Clients
P&L. The Client P&L report shows
each client’s total billings and their budget,
plus the variance. You’ll also see a break
out showing where the revenues came from and what
the costs were. If anything is out of line, start
snooping around.
Vendor
Account Ledger. This report shows the
payment amounts, dates, and check numbers for each
vendor paid. Look for extravagant amounts, too-frequent
payments, or unfamiliar vendors.
Staff
Realization. Find out how many hours were
worked and how many were billed. Off-the-chart
numbers might mean fudged timecards or excessive
client billings. Sub-par numbers might mean that
someone is spending too much time doing things
they shouldn’t.
Media
Discrepancy. The Media Discrepancy report
can be run by either client or vendor. This report
shows the net and gross media amounts ordered versus
the actual amounts, as well as the A/P date. If
the ordered and actual amount vary, find out why—and
where the money went.
Clearing
Entries. The Clearing Entries report shows
the journal entries posted when account balances
are transferred (or “cleared”). The
report shows the date, period, accounts, and amounts.
Sometimes transferring balances is appropriate,
but too much transferring could spell trouble.
No report or software program can prevent someone from committing
a crime. Remember, it only takes a few minutes to double-check
something questionable, but it could take years to recover the
loss.
|
|
Q.
Since My C&P! isn’t SSL, what is the best way to secure
it?
The best way to secure My C&P! is by using a virtual private network.
VPNs are a connection between two compatible firewalls over the internet.
At one end, data is encrypted, then sent to the other firewall, which
decrypts it using the same encryption key. By encrypting data before
it’s transmitted, external intruders are unable to use a packet
sniffer to read the data during transmission. VPNs are a low-cost way
to use the internet to keep sensitive information secure during transmission--and
it costs significantly less than traditional dedicated connections.
Q. If someone uses my computer, will they have access
to everything I have access to in My C&P!?
They’d have access if you don’t quit your web browser and
clear your cookies when you are going to be away from your desk for any
period of time (like lunch or a meeting). The cookies for My C&P!
do automatically expire after 8 hours.
Q. Where can I find news on current security issues?
On the C&P web site, read the Internet Access Security tech note: Here
There are many security related sites on the internet as well as trade
magazines. One such example would be: http://www.securityfocus.com/
|
|
Q. How secure is
a wireless network?
Wireless network security is really a matter of some debate. The security
measures in most newer wireless routers provide a reasonable level of
encryption. Yet, one has just to look at the number of wardriving and
wireless hacking tools that are easily available to see that there is
an active wireless hacking community. MAC address filtering (if your
router supports it), and personal firewalls are highly recommended.
Q. What security concerns are there with
remote access solutions?
Any time you are sending information over the internet, there is a possibility
of someone being able to access it. There are always people out there
who are going to able to beat your security. Keeping that in mind, there
are some good security measures that you can use that will make it nearly
impossible for someone to break. One such solution is PGP (Pretty Good
Privacy), though this is used for file encryption (single file transfers)
and e-mail: http://www.pgp.com/
As far as security with a multi-user relational database is concerned,
the best lower cost solution is a VPN (Virtual Private Network). This
can be used along with remote access solutions like Timbuktu or PC Anywhere
(or similar ‘remote control’ programs) to provide a fast
and secure connection. The absolute best solution is a point-to-point
hardware-based encryption system, however this can be prohibitively expensive. |
|
|
|
