User Security Best Practices

To ensure your HirePOS account remains secure, it's essential to follow best practices for passwords, email security, and access management. Here’s a comprehensive list of steps you can take to enhance the security of your account and data:

• Create a strong password: Use at least 12 characters, including a mix of uppercase letters, lowercase letters, numbers, and special characters.

• Avoid using personal information like names, birthdays, or phone numbers.

• Never reuse passwords across different services. Always have a unique password for HirePOS.

• Use MFA on your email and any third-party accounts linked to HirePOS (such as Microsoft or Google). This ensures that even if your password is compromised, unauthorized access is still blocked.

• If you use Google Sign-In or Microsoft Sign-In, ensure MFA is enabled on those accounts. This adds an extra layer of protection by requiring both a password and a verification code sent to your device.

• Use Google or Microsoft Single Sign-On (SSO) to log into HirePOS. SSO ensures that your HirePOS account is linked securely to your Google or Microsoft account, and you won’t need to manage a separate password for HirePOS.

• With SSO, you can enforce MFA for added security on both Google and Microsoft accounts.

• Your email is the gateway to resetting your HirePOS password. If your email account is compromised, an attacker could easily reset your HirePOS login credentials.

  • Enable MFA on your email account (Google or Microsoft).

  • Regularly change your email password, especially if you suspect it has been compromised.

• Check your login history: Regularly review recent logins for any unusual or unfamiliar IP addresses. This helps you quickly identify unauthorized access .

• Review user actions: Admins can check the user timeline in HirePOS to track changes made by users, providing visibility over potentially unauthorized activities.

• Be cautious with Chrome extensions: Some browser extensions, particularly shady or unverified ones, can pose security risks by tracking your browsing activity or injecting malicious code. Avoid using suspicious extensions, and only install ones from trusted sources like the Chrome Web Store. If in doubt, disable unnecessary extensions while using HirePOS.

• Third-party integrations: Any third-party services you connect to HirePOS (such as accounting tools, payment processors, or CRM systems) will have access to some of your HirePOS data. It's crucial to ensure that the security best practices of these other apps are also maintained. Always use strong passwords, enable MFA where possible, and review the permissions granted to integrations regularly to minimize potential vulnerabilities.

• Install and regularly update antivirus software: Ensure that your computer has up-to-date antivirus software installed. Regular updates help protect your device against the latest threats, such as malware and viruses.

• Use malware protection: Consider installing additional malware protection to defend against potentially harmful software that could compromise your system and personal data.

• Avoid logging into HirePOS from public or shared computers: Never log into HirePOS from a public computer or use shared/free/public internet connections, such as those found in cafes, libraries, or airports. These networks may not be secure, and attackers could potentially intercept your login credentials or other sensitive information.

• Regularly remind staff about the importance of password hygiene and cybersecurity awareness.

• Restrict user access to only the areas they need in HirePOS, minimizing the risk of unauthorized access to sensitive data.

• Always use the latest versions of your browser and operating system for the latest security patches. Software updates are essential in defending against emerging threats.