Sage Blog

Welcome to our business blog


Would you access your accounts on a mobile?

Posted in: Your accounts
1,482 comment

Sage 50 Mobile for iPhone, Blackberry and AndroidI’m Alex Reid, a senior developer in Sage Central R&D, the team responsible for the development of Sage Accounts 50 Mobile.  I was the lead developer on the Sage iPhone app.

A key feature of Sage 50 Accounts is the inclusion of our free Sage 50 Accounts Mobile App. This gives you access to the data held within Sage 50 Accounts in your office, anywhere in the world using your iPhone or BlackBerry

update August 2012 – it’s now available for Android at the Google Play Store)

update May 2013 – We also have a Sage Windows 8 app. Visit our Sage 50 Accounts Pulse App post for more information.

The extremely portable nature of mobile phones is a massive advantage but as with any piece of software or technology that facilitates remote access to sensitive data, security is a fundamental consideration. If you are a business owner, you are likely to be excited about the possibilities offered but are perhaps cautious of the security implications associated with making your company data available in this way.

Would you access your accounts on a mobile?

One of our Twitter followers asked the question: would you access your accounts on a mobile? I would say, if it’s secure and helps you work on the go, then why not?

We have engineered the Sage Mobile solution to be secure from the ground up. As someone that’s worked on the Sage 50 Accounts Mobile App I’m in a good position to give you some background on

  • how the mobile solution works
  • the built-in security features
  • and finally some recommendations for businesses looking to use this app

So how does information from Sage 50 Accounts securely find its way to your iPhone or BlackBerry?

Both our Sage 50 Accounts app and Sage 200 mobile use multiple Sage technologies and online services to provide remote access to data stored in Sage 50 Accounts and Sage 200. These services and infrastructure have been independently audited to ensure your data is not compromised.

When installing the mobile solution, no company data is transferred or held anywhere other than within your company’s on-premises installation of Sage 50 Accounts or Sage 200. Our Sage 50 Accounts app and Sage 200 mobile securely communicates with your on-premises copy of Sage 50 Accounts or Sage 200 via the service we provide to allow secure access to your on-premises data across the Internet. We call this the Sage Secure Gateway.

This software creates a secure tunnel between your office and the Sage infrastructure over the public Internet. All data sent and received through this connection is encrypted so cannot be intercepted by third parties.  Once the tunnel is established, your data can now be accessed from anywhere in the world, but don’t worry – access can only happen through the Sage infrastructure, which requires authentication.

How to log on using your Sage Passport

Users of our software are likely to be familiar with our Sage Passport. It’s free and straightforward to create one, just visit our Sage Passport page.

It is with these credentials that a user logs into the Sage app. An administrator grants access to their company’s data by associating a user’s Sage Passport with their data through a subscription. A user selects the subscription they want to use after logging in to the Sage app.

Controlling the levels of access to your data

Not all users with mobile access will require or be permitted global access to company data. The user’s subscription dictates the level of access they have. The Sage 50 Accounts mobile setup wizard makes it easy for an administrator to completely control the level of access granted to a user’s subscription. Permissions can be granted or revoked at any time, should an employee require further access or cease to work for the company.

What happens if your mobile goes missing?

Our app is a secure and robust solution, but human vigilance is a vital part of overall security. Just as a briefcase containing sensitive paperwork can be lost on a train, so can a logged in mobile phone. So what happens if a mobile phone gets lost or stolen?

Firstly, an administrator can revoke access to the user’s subscription using the mobile setup wizard. This will prevent the user from logging in and accessing company data.

The iPhone and BlackBerry apps also contain two security settings. These can be accessed through Settings > Sage 50 on an iPhone and Options > Sage Mobile on a BlackBerry.

By default, the Sage app does not prompt a user to re-enter their password every time they use the app.  This behaviour can be disabled by enabling the sign out on exit option.

For efficiency and performance, the mobile will store the most recent version of accessed data. For instance if a customer record has not changed since it was last accessed, it will not be sent again. With considerable technical knowledge, software tools and access to the physical device it is possible to extract this data from the phone. For this reason, the user can instruct the mobile phone to clear this cache each time the Sage app is exited or suspended. A user’s Sage Passport credentials are never stored or cached anywhere on the mobile phone.

In addition, mobile phones offer their own security features.

  • iPhone and BlackBerry phones can be locked with a pass code or unlock gesture.
  • iPhone and BlackBerry phones on enterprise networks can be wiped, or have applications and data removed remotely.  Alternatively iPhone users can register with Find my iPhone, a free service provided by Apple to help users remotely locate, lock or wipe their phone.

This means that if a mobile phone is lost or stolen access to the Sage app will not be possible.

Put the right company policies in place

Putting the right company policies in place can help you prevent mistakes being made that may put sensitive information at risk. Policies should include:

  • Ensuring users set a suitably complicated lock code or unlock gesture on their mobile phone
  • Ensuring all mobile phones are signed up to Find by iPhone or a similar enterprise-wide solution to facilitate remote data removal
  • Ensuring users enable the sign out on exit security setting within the Sage app, if the company views the data retrieved and displayed to be highly sensitive
  • Only providing access to highly sensitive data to those who need it: the access controls in Sage 50 Accounts permit granular access to suit a variety of user roles

So, hopefully that’s given you an insight in to the security behind our mobile app, but also how your business can benefit from working on the go while mitigating any risks.

Alex Reid, Sage Central R&D Team

For further information and to download the Sage app for iPhone, BlackBerry and Android: www.sage.co.uk/sage50mobile

Available on the App Store

Posted in: Your accounts
1,482 comment

Comments

We may use the information you provide to get in touch with you about your business needs. If you’d like to find out more about how we use your details please visit our privacy policy here.