Business software provider Sage is looking to its partner community to minimise risks associated with some of its products.
This comes after the company acknowledged last year that a security flaw in Sage's Pastel accounting products could expose user data, but the real-world risk may be relatively low.
In a recent interview with ITWeb, Steven Cohen, MD of Sage Pastel Accounting, said the company is boosting its partner engagements to minimise the common risks associated with business software.
Since last year, Sage's partner accreditation process has been stricter, and exams have been introduced by the business software provider, Cohen said. Depending on the product they deal with, partners are now required to have a specific staff complement to be accredited, he added.
Sage is also engaging its partners with training, as skills shortage is one challenge they are grappling with, Cohen noted. The company also has a call centre with 150 agents and 20% of them give priority to partner support while the rest attend to end-users, he pointed out.
IT consultant, Johan Pienaar, went public last year with details of a security flaw in the way data is managed by the Pervasive database underlying several Pastel products. The database is unsecured; meaning anyone with a copy of the files could examine the core data, said Pienaar.
Pienaar also found evidence of data sharing in a public FTP site operated by Sage, with the financial data of "20 to 30 companies" available for download. The FTP site has since been closed.
"There are risks attached to the implementation and usage of any business application or service. The specifics vary between our product ranges, and we'll always work closely with our resellers and customers to minimise them," said Cohen.
For example, he noted, Sage One is a cloud-based application. "That means users will not be able to access it if they have no Internet connectivity. They can minimise this risk by, for example, having mobile broadband as a backup if their fixed-line goes down."
He reveals Sage has the support of 2 000 value-added resellers. "Sage Pastel today employs 800 people that are experts and have years of domain knowledge on accounting and payroll software."
Cohen adds when it comes to more complex products like Sage Evolution, there are implementation and integration risks the same as there are in any enterprise resource planning product.
"We handle this by working with our implementation partners to create project plans that minimise these risks and ensure the software goes live on time, within budget, and delivers the promised functionality."
On top of the partner community, Cohen also noted, the company uses the latest best practices and technologies in all its products to ensure the integrity of clients' data. "For example, we enforce username and strong password protection in most of our software to help keep our customers' data safe from unauthorised users."
Other security features include standard firewall, strong SSL encryption, automated logout when the user is idle for too long, and daily backups, said Cohen.
Share