More control over Remote access, limit access
I've found that we need more control over the remote access to RSr, both with the app and the main web interface.
On the app, it would be nice to limit access via the security groups settings. So that could be controlled in the same place all the other settings are for each group.
Some people would get the big view as it is setup now in the app, kind of an everything view and other security groups may be limited to see only open invoices and related customers as an example.
it would be nice to limit access to the web app not just by IP but by time of day, week, distance from shop for those that are using location aware devices like iPads.
For example: it would be nice to set these settings by security groups, For example the "techs" group may only have access m-f 8-5pm not any other times, limited by time not IP or by both time and IP.
I am not a big fan of staff having access to customer files on their mobile devices via the app after hours....no need for that at all. We just need the app so techs can take payments on open order, that's it. Definitely not unlimited access to customer files or after hours access.
see also similar "iOS app security"
Company/Enterprise Risk Management (ERM). The risk here is Employee accessing unauthorized information.
The Control – Create password protected barriers. Limit access to need-to-know employees. These are super basic functions of a CEO of even a small business. We can't have people getting access to customer lists, closed invoices, monthly invoice information etc. There are a lot of comment on security, app security, iOS security, Tab security, Developer access etc. I think this is a very big concern and there are several comments that could be combined into one big comment here....just a big security overhaul. Anyone with more then 1 or 2 people is going to want these things addressed.
Comcast has many areas that are IPV6 only where IPV4 can’t be used for any level of security. We need some level of security by user, not just a global thing. Different users have different roles, some need access to the data outside the shop and for those users we don't want them to ever have access outside the shop. This is such a huge security hole which allows staff to copy out data or customer info at their convenience.