Sage 100 security is a concern of many companies. However, many times they aren’t quite sure how to secure their Sage 100 data against internal or external loss. Because Sage 100 is an accounting system in use by over 14,000 companies ( as of the 2021 release ), there are many end users well acquainted with its structure which means your company should be deliberate in their security measures.
Sage 100 Security: Six Best Practices
When was the last time you reviewed your security practices around Sage 100? If you’re like many users the security setup is an afterthought to the regular ongoing practice of reconciling accounts and printing financial reports.
With this in mind we’ve compiled a concise list of six best practices for securing Sage too against both internal and external threats.
Backup Sage 100 Data Files Regularly
The best protection against data loss is a backup of data which you regularly verify.
For details on what to backup within your Sage 100 system, please reference the following KB 20262 – How to backup and restore data, program and system files for Sage 100.
For a quick backup, you can usually copy the \MAS90 and all subfolders to a separate drive. There are, however, additional files and folders which may require backup ( paperless, Sage Intelligence ) depending upon your specific company usage. The knowledgebase linked above provides more details instructions on locating additional files to backup.
Please note that it’s generally NOT advisable to restore only select files. The safest way to restore is to fully restore all files that were backed up unless you’re positive that only one or two files was changed which need restoring. This can be a tricky error and we advise you consult with a Sage expert for guidance on restoring.
Although your Sage 100 security is not directly impacted by the frequency of backups, having a backup on-hand can make recovering from any type of breach significantly easier.
Update Sage 100 Regularly
The only way to ensure that you have the latest updates and fixes for Sage 100 is to remain on a supported release version.
Typically Sage supports three versions of Sage 100 – the current as well as two prior releases. However, this can change from time to time. There is a supported versions KB 31477 article available that outlines which versions of Sage 100 are supported.
This chart is updated regularly ( below is the chart as of June 2022 ). Visit the KB article to view the most current information on which releases Sage actively supports.
Staying on a current version of Sage allows you to receive technology updates that impact Paperless Office, as well as the interaction of Sage with OAUTH via Office 365 and Google.
Use Unified Login
Instead of having your Sage 100 users create their own separate password within Sage 100 you can enable a feature called Unified Login and users created within Sage 100 will authenticate based on their Windows login and password.
Why use unified login?
- Easily disable user logins at the same time users are disabled from network access
- Allows for a password policy ( changes, length, etc ) that mirrors the organization’s policy
- Removes another password that users need to create and maintain/change regularly
- Reduces Sage 100 password sharing
When implementing unified logon, users are mapped to the Windows logon allowing for unified logon to both Windows and Sage 100 with the same logon name and password. When using unified logon, Sage 100 authenticates the user’s Windows logon and password. Users are not required to reenter their logon name when accessing Sage 100 after logging on to their PCs.
To implement unified logon, users need to be set up and the user’s Windows logon name must be entered in the User Code field in User Maintenance.
The Unified Logon feature is all-inclusive. If implemented, all users must be set up to use unified logon.
Use A SQL Database for Sage 100
To protect your Sage 100 database from unwanted copying or other access you should adopt the SQL version of Sage 100. This version is known as Sage 100 Premium. For users on subscription with Sage 100 this SQL database may be available at no additional charge.
With Sage 100 Premium ( SQL ) all company data files are secured within SQL Server where they are subject to separate security.
Before you make the decision on using Sage 100 Premium, please read our Sage 100 Premium ( SQL ) FAQ to learn about the pros and cons.
Enable ODBC Security ( Non-SQL Sage 100 Versions )
To prevent end users from connecting to your Sage 100 data tables and creating reports or exports you should enable ODBC security ( not needed if you are using SQL since the SQL Server will create this security for you ).
Use the ODBC Security tab in Role Maintenance to assign permission levels to data tables and fields. This option allows you to restrict the data that can be retrieved by a user using the ODBC driver. If the user does not have the permission rights that match or the user’s permission rights are below what is assigned to the table or field, the ODBC driver will return null values. Because the use of this utility requires detailed knowledge of the data files, this option should be secured by assigning a role to the user(s) to prevent access by unauthorized personnel.
For details on how to enable this security – How to set up ODBC security for users, companies, tables and fields.
Remove Easy Access to Network Shares
If you are NOT using the Sage 100 Premium ( SQL ) version then you should consider making it difficult for users to access the network share where Sage 100 is installed ( \MAS90 ).
Sage 100 security can be improved by the use of remote desktop options such as Terminal Server or Citrix. Applications like Sage 100 can be published as icons so that general access to the underlying shares is somewhat restricted for novice users.
For more information on how to set this up please review – How to Publish Sage 100 as a RemoteApp on Windows Server 2012 or higher.
Sage 100 Security: No One Size Fits All Solution
It’s always best to make your Sage 100 as secure as possible to guard against possible data loss. Sage publishes a list of network user rights that are required for Sage 100 Advanced which can also be used as a guideline for other Sage 100 versions.
Creating a more secure Sage 100 system relies on following as many of these best practices as possible. Ensuring that you have a solid working backup of all data file ( Please test this regularly ) is a great first step to ensure your company can recover from any data losses.
You must be logged in to post a comment.