Site Creation – Security Roles

No matter how large or small your company is, security should be a top priority. While you might not be managing hundreds of thousands of user’s credit card numbers, it is important to protect what data you do manage. When you run a website or a blog system, there are various security roles you need to configure.

What are security roles?

Some systems refer to them as user roles or membership roles. Essentially, when you have multiple people working on single items or a website as a whole, everybody is responsible for specific duties and tasks. For example, you would not want a blog contributor to have access to edit user accounts. Speaking of blogs, let’s take a look at the security roles in WordPress:

  1. Administrator – This user role has complete access to the entire system. Admins can do anything within WordPress including adding, deleting and changing all user accounts, blog posts, comments, links and pages. This is usually the blog owner and should only be access by use or someone you trust.
  2. Editor – Editors have complete control over all content such as links, categories, comments, posts and pages but they have no configuration access for the blog system nor can they create or delete user accounts. This role would usually go to someone who’s just there to moderate your blog.
  3. Author – Authors can write and publish posts without review from an Editor, but can only edit the posts they’ve created. They can also only manage the comments left on their posts. This role is designed for users which need to publish blog posts, but do not need to manage content they didn’t create.
  4. Contributor – Contributors are similar to authors except they cannot publish any posts. They can only submit posts for review by either an Editor or an Administrator. If you would like people to be able to submit their own writings to your site, give them this access.
  5. Subscriber – Visitors to your site can register (provided you allow them to) on your site and this account role will give them access to leave comments on any posts and modify their own user profile. Subscribers have no other access to the blog. There is an option in WordPress to force users to register to leave comments.

You should become familiar with each of these roles and what permissions they give to each user. You don’t want to be surprised later to discover that one of your users has more access than they need.

Benefits

If you’re the only person running your business/website, you will not see any benefit in creating various security roles. However, it’s important to understand your backend system and what types of controls you have over it because in the future, you may expand and require the help of others to maintain everything.

More often than not, you find in businesses where users are sharing their usernames and password to various systems to gain more access when they need it. This is very dangerous because all it takes is one person who knows what they can do with that access and your entire company can come down in one fell swoop.

Just like you lock your doors at night, never take for granted the security of your website and system software. It could mean the difference between a secured business and no business.

<< Back to Portals Forward to Memberships >>

Site Creation – Portals

Business portals generally provide web-based access for authorized users to core functions of a business. In the past, businesses opened at 9 and closed at 5. When the lights went off, so did your work. You went home and forgot about everything for a while and nothing needed to be done until the next day.

In today’s business world, things are not so serene! Due to huge advances in technology, we now rely on everything 24/7 and this includes our emails, files, contacts, orders and general processes. If you’re running a business online, you need to be ready for anything at any time. Business portals are designed to do just that. Better yet, they help streamline your operations.

Better Communication

Your organization can always use a better and more efficient way to work. Creating a portal for your company can consolidate backend functions that would normally require multiple software programs (and probably personell) to manage. When you have constant access to all of these features, you can get the information you’re looking for whether you’re travelling, with a customer, at the office or at home.

Improve Productivity

Unlike the past where business hours dictated your personal hours and family time, the world we live in now requires our time like never before. To make up for this lost time, most people prefer to work from home. This way, they can spend time with their children while tracking sales reports from the early morning. Studies have shown that if an employee works from home, they are likely to become more productive because they’re in their own comfort zone and are generally stress free.

By offering a portal within your company, you’re also offering a new collaborative way for team members to share ideas and work on projects. What used to take days of mailing revisions back and forth and waiting hours for travelling employees to arrive at their destinations, can now take minutes over the Internet. Imagine having all of your employees logged in to the company portal from wherever they are in the world and be able to provide the same level of quality without having to be in the same room!

Improve Partner Relationships

Your company might be working globally, but not everyone in the world works on your schedule. Business portals allow your far off partners and clients to access your company when it’s convenient for them! You can even provide them with various levels of access that pertain to their specific requirements. This way, they can update needed information without you having to even be awake.

Improve Customer Relations

Being able to track customer’s buying habits and preferences allows you to stay in-tune with your customers. Provide them what they’re looking for better than you competitors and you’ll win every time. Customer experience is the number one focus when it comes to retention.

Portal Software

  1. DynaPortal – This company provide portal software online. You can choose from over 50 web-based applications to help manage your business.
  2. BroadVision – They offer portal services to large companies and allow you to completely customize your web interfaces with multi-lingual tools and applications.
<< Back to Current Relationship Management (CRM) Forward to Security Roles >>

Unfair business practice

As a computer user, I can usually separate scams from reality when dealing with things online. I  help people all day long that can never seem to figure out how they get viruses on their computer when they have an antivirus program running or how their FaceBook account was hacked, etc, etc.

Or they wonder why all of a sudden their getting spam and pop up windows telling them they need to purchase some software to fix the problems and then their credit card is now being charged weird amounts of money at random times. The first thing they blame is the computer, then usually the credit card companies and lastly, their email provider. Who they should be blaming are themselves.

This post is particularly interested in unfair business practices by some businesses to extort extra money out of people when it comes to services. In fact, most businesses don’t make much, if any profit on most of the products they sell, so they rely on services and other high-margin items to make up the difference.

One specific issue happens to be the way antivirus (and possibly other software makers) companies try to attach an “extended download” service to their customer’s shopping cart at checkout. Essentially this service claims to allow for the customer to be able to download their purchased software anytime within the time frame as defined by each company. What this implies is that when you purchase your software online, you can access the download for about 15-60 days, but if in the future you restore your computer or get a new one, you will NOT have access to the software in order to re-install it UNLESS you purchased the extended download service–this is simply NOT TRUE!

First of all, this sounds very illegal. If you purchase software, you are entitled to its use as defined by the user agreement and I have never ran into a user agreement that did not allow you to install the software on another computer provided that you removed it from the first one.

Anyway, back to my rant. Let’s clear something up while we’re at it. When you buy software, either online or from a store, you’re not actually buying the software (the disc, the download, zip file, etc.)–what you’re really purchasing is the license to use it and in order for them to verify your “legal usage”, they issue a product key. What this simply means is that you’re able to plug that product key into any matching version of that software.

In the case of antivirus software, if you bought a product key from a 2007 version of the software and have kept it renewed to this day, you do not need to go and purchase a new 2010 version to update your software; you just need to go download the 2010 version and use your key and voilà, you have a legal copy of the software. “But, how can I download the new software?!”, you ask. Well, I’ll tell you…

You can download the software by simply going to the manufacturer’s website and look in the support section. Some make it easy to find, some a little harder. If for some reason, you can’t find it, you can always download the trial version and just enter your full version key to unlock it.

What makes me sick is that they tack these charges onto your shopping cart automatically, so if you don’t catch it and remove it, you might mistakenly pay for it and this can cost anywhere from $4.99-$10. What makes it even more sickening is if you click on the “What is this?” link, you might see something like this:

When you purchase downloadable software from Symantec’s online store, Digital River, Symantec’s authorized online retailer, automatically grants you 60 days from the date of purchase to download your software order.

If you add Extended Download Service to your downloadable software purchase order, Digital River will keep a backup of all the software on your order for ONE YEAR. If you need to re-download your software, or access your Serial Key; it will be available 24 hours a day, 7 days a week for ONE YEAR from the date of purchase by going to www.symantecstore.com/orderlookup.

This is the actual text from Symantec, the makers of Norton AntiVirus. If you read this, you might actually be worried that your software will only be available for 60 days! But how can this be if you’re able to go over to Norton.com right now and download the software? And what about storing your product key? For one, you can store it yourself on your own computer, but if you don’t, you’re able to access it from your Norton account over at www.MyNortonAccount.com at any time anyway–and you’re forced to setup this account when installing!

At least Kaspersky does it a little different. They charge you $9.95 for a backup cd. I still find this to be a rip off, but at least you’re getting something for your money. Also, when you buy this cd, it literally comes to you in a basic cardboard shipper and the disc is a poorly made CDR. It looks like someone made it at home with a crappy cd printer. At any rate, why do you need a backup cd when you can download your program anytime from their site? And when you have this download, you can make your own backup cd! Others that offer physical cds are McAfee ($12.95), AVG ($10.95) and Webroot ($8.95).

I just don’t understand why a company would participate in such a dishonest act. I know there’s an old saying that says “Never let a sucker keep his money.”, but is that how you want to imagine that corporations view the public?

Direct download links for the latest antivirus programs:

Congrats to Webroot as they are the only one from above that does not try and charge you for free downloads!

Lessons learned today:

  • No matter where or what you’re buying online, always, always, always review the entire contents of your shopping cart before submitting the payment.
  • Do not be suckered into purchasing “antivirus” software from popup windows or junk emails. Legitimate companies (if you can still call them that after reading the above) will not spam you for business.
  • Don’t believe the hype! Think logically.
  • Backup your downloads and product keys. They really don’t take up that much room.
  • If all else fails and/or you’re still worried, always buy your software from a retailer. Not only will you get the same price as online, but you will also be saving money by not having to buy that backup disc.