Welcome to the latest edition of MobileTime, a blog about the issues affecting mobile time tracking and the construction industry in general. Our goal for this blog is to provide useful, helpful information presented in a concise format to our customers and all others who might benefit. Today’s article is the second in a series of posts that will deal with internal controls embedded in mobile time tracking systems.
Have you ever wondered what internal control features make for a safe, secure mobile time tracking application? One that you can depend on to give you an accurately recorded, properly disbursed payroll. In this issue we will focus on limiting access and assigning responsibilities to assure accurate payroll data.
The first line of defense for a mobile time tracking application should always be the use of encrypted passwords to access the system. This will help prevent unauthorized persons from logging in and using the system. In selecting passwords it is a generally accepted rule of thumb that the easier a password is for the user to remember, the easier it will be for a potential hacker to crack. However, complex passwords are much harder to remember, and oftentimes result in the user having to write down or electronically record this information which in and of itself reduces the security of a system. Probably the best advice for selecting a password is to not base it on words or names that have personal significance like your birthdate, or the names of your spouse or children. Here is an excellent link on choosing a secure password.
Once encrypted passwords have been established, the next step should be to assign user responsibilities. This can be done in a couple of ways. In some systems, user responsibilities are assigned by the administrator of a system. As an example, the administrator may allow the user to create transactions but not to edit or approve them. Editing and approving transactions may be limited to management personnel. Other systems may automatically assign responsibilities through license types. In these types of systems, the license type will dictate the individual responsibility. For example, the license type may restrict the user to entering and reporting on only his time.
When considering a mobile time tracking system, you should not consider any system that does not incorporate these two very important security measures.