Securing Client Information
Last post 06-05-2012 9:28 PM by Method_Paul. 16 replies.
-
06-15-2009 1:22 AM
|
|
-
1strate
- Joined on 06-13-2009
- Texas
- Posts 24
|
Securing Client Information
I want to input payment and credit card info using Method. I can I ensure it is safe to add the personal data while logged onto Method. I see that I can save a screen with "https" but after testing, I can't see any visible evidence that the screen is secure. Any suggestions would be appreciated.
James Stapleton
Regards, James Stapleton 1st Rate Pool Service, Inc.
|
|
-
|
Re: Securing Client Information
Hello James,
Thanks for using our forum, this is a very good concern since security is so important. The way Method works is that there is a main Default.aspx page, and then all the screens are “frames” inside the Default page. You can tell a page is secure by hovering your mouse over the tab link. If this screen was by itself, and not a frame inside Default.aspx, you would see the little secure lock symbol. This shows that it is an https page instead of an http page. But rest assured, it is still there, just not visible.
An example for those users who are not sure what tab links are; the first tab link under Customer Centre is ‘Customer List’. I hope this clears up any uncertainty you had.
|
|
-
-
1strate
- Joined on 06-13-2009
- Texas
- Posts 24
|
Re: Securing Client Information
So do I make a screen secure by simply marking the "https" option in the screen setup or is there something more? Also, using the hover action you spoke of...what browser were you using to get the security to show up?
Regards, James Stapleton 1st Rate Pool Service, Inc.
|
|
-
|
Re: Securing Client Information
Hi James,
Yes, you make a screen secure by going into the Advance Screen Properties and checking the checkbox for "Is a https secure page?".
You can use Internet Explorer or FireFox and you would be able to see whether the page is 'https' by hovering over the tab link. I have also attached a screen shot as a visual representation.
|
|
-
-
seny
- Joined on 07-15-2010
- Posts 32
|
Re: Securing Client Information
I can see the "https" showing up, however, how do I verify it indeed is secured. I'd rather see that showing up in the address bar of the browser, and the secured lock icon either on the right side of the address bar (IE) or on the bottom right (Firefox). Is that possible?
|
|
-
|
Re: Securing Client Information
Hi Seny,
In order to help you understand this better, I have to give you a little technical explanation. The way Method works is that there is a main Default.aspx page, and then all the screens are “frames” inside the Default page. You can tell a page is secure by hovering your mouse over the tab link. This shows that it is an https page instead of an http page.
If this screen was by itself, and not a frame inside Default.aspx, you would see the little secure lock symbol. But rest assured, it is still there, just not visible. Hope this helps.
|
|
-
-
seny
- Joined on 07-15-2010
- Posts 32
|
Re: Securing Client Information
I did successfully make the screen that I wanted to be secure, however, I have another problem here, which is that:
When you try to link that secured screen from a non-secured screen, it becomes unsecure. Furthermore, all the links from the secured screen will not navigate to the desired tab-link. For instance, if I made the customer list screen secure, within that screen there is a Transactions Tab, and in that tab, there is a grid where you will have some transactions including invoices. But if you click Go to... link and tries to go to the invoice screen, it will not work. However, if I make the customer list screen unsecure, it turns out ok.
Can somebody let me know what is going on there?
|
|
-
|
Re: Securing Client Information
Hello Seny,
How are you linking to the secured screen from a non-secured screen? Are you using the 'Go To Tab Link' or 'Show screen in pop up' actions? If you are, then you cannot hover over the tab link to see 'https'. In this case, the only way to verify that the screen is 'https'; is to go into the Advanced screen properties edit window and ensure that 'Is https secure page?' is checked. We'll be looking into how we can better indicate when a screen is secured using 'https', since it's being more and more requested.
I'm looking into the second part of your post. Where you click on the 'Go to...' link under the Transactions tab section on the Customer List (secure page). When I attempted it I got a pop up message. As soon as I get some feedback on this I'll update you.
|
|
-
-
seny
- Joined on 07-15-2010
- Posts 32
|
Re: Securing Client Information
Any updates on this issue? Right now our real data is on the method server, we want to make sure it is encryped when transmitted. If this can not be done, we need to look something else, despite how much I like Method.
|
|
-
|
Re: Securing Client Information
Hi Seny,
I'm still waiting on an update on this. As soon as I get any updates I'll let you know.
|
|
-
-
seny
- Joined on 07-15-2010
- Posts 32
|
Re: Securing Client Information
Can you give me a timeframe when this is going to happen, because we are really running out of time, we can't wait and do nothing, as we need a system to keep our business running. I know eventually you will get this resolved, but if it has to be three month later down the road, then this is not what we want.
|
|
-
-
Method_Paul
- Joined on 10-23-2007
- Toronto, Method HQ
- Posts 858
|
Re: Securing Client Information
Answer
Seny -
If you like, you can take advantage of something that we have hidden in the "labs" right now, that basically turns all pages to be automatically https across the board.
I'm not sure when this would become public except for those that read this forum post, but probably not until the end of this month or early September.
But to get the feature now, you and your staff can simply login to Method at this location:
https://www.methodintegration.com/method/login.aspx?DefaultSecure=True
The "&DefaultSecure=True" at the end of the URL tells the login form to treat all pages as https.
The downfall of this is that it is slightly slower, since SSL has an extra layer of encryption/decryption, so it is encrypting everything on the site, even parts that are not considered private information like javascript libraries and images. However, based on your needs, it sounds like this is exactly what you want, so I encourage you to try it out now.
Hope that helps,
Paul
|
|
-
-
seny
- Joined on 07-15-2010
- Posts 32
|
Re: Securing Client Information
Perfect. That is exactly what I want.
And you know what, it seems faster than the unsecured one.
Thank you so much.
|
|
-
-
Method_Paul
- Joined on 10-23-2007
- Toronto, Method HQ
- Posts 858
|
Re: Securing Client Information
Yeah, that is funny. That goes against all logic of SSL........but I see what you mean, it zips along. Just wait until you see the September releases.....there's a lot in store. :)
Paul
|
|
-
-
LilAaron
- Joined on 07-04-2010
- Austin area, TX
- Posts 48
|
Securing Client Information
Can you tell me if this has changed in the current Method CRM as of 6/5/2012? I'm not seeing a lock when hovering over an unmodified Customers/Invoices tab link.
Lillian Aaron Business Accounting Software, Inc. 512.267.2277 x800
Supporting: QuickBooks Enterprise TRAVERSE Accounting Software Open Systems Accounting Software Method CRM
|
|
|
|
|