04 Feb 2014

CaseLink Web: Update Passwords and Adjust User Rights Regularly to Prevent Unauthorized Access

0 Comment

Compliance Tip:

Update Passwords and Adjust User Rights Regularly in CaseLink Web to Prevent Unauthorized Access

Keep Information and Funds Safe and Secure

Banking and data security has been in the forefront of the Chapter 7 community since last week’s EOUST communication about email hacking was circulated. You are held to the highest standard when it comes to protecting the personally identifiable information (PII) and funds in your care. In order to help you maintain strong levels of internal controls, we have put together a list for you to follow to safeguard the sensitive information from unauthorized access.

Review the following guidelines to help prevent unauthorized access to your BMS software and maintain safe and secure banking practices.

1) Create a unique password. Each BMS software user should have a different and unique password .

2) Change passwords frequently. CaseLink Web was designed with this feature in mind. Users are automatically prompted to change their passwords quarterly keeping you compliant with UST guidelines.

3) Log out of the BMS Software when leaving your computer. Although CaseLink Web will log users out after a period of inactivity, the recommend best practice is to log out immediately when stepping away from your computer – whether it is for lunch, a meeting or just for a minute – so that no one else can get into the software.

4) Disable access for former employees. Every office sees the changeover of employees at some time. Employees who no longer work for you should not have access to your records. To ensure this, remove BMS software access from all employees who no longer work for you.

5) Assign each user their own specific rights. In CaseLink Web you have the ability to assign different rights and banking privileges to each user. This would apply to specific functions such as making deposits, printing checks, requesting interim statements and authorizing outgoing wire requests.

You can adjust these privileges by following the steps below:

  1. From the Global Tool Bar on the CaseLink Web Homepage select Your Name>Profile.B_CLW1
  2. Next, the Profile page will open up. From the Staff field, select the employee you want to review then click Privileges. UA_1
  3. From the Case Rights screen you have the ability to grant the the employee the level of access you want them to have. Below is a guideline of CaseLink Web access.
  • None: No access. Delete: Is the highest level of access. If you have the ability to delete then you can do any function within the record.
  • View: Is the lowest level of access. In this function you only have the ability to view a record.
  • Change: You have the ability to amend records.
  • Add: You have the ability to make account changes.
  • Full Rights: Is the highest level of access.

Once rights are assigned, click Save to complete.

SB_CLW3Quarterly reviews will help to ensure that each employee has the correct level of access to perform the banking procedures set by the trustee. This will also help in your auditing practices, by matching up employee access to those setup in the Chapter 7 Handbook under the Segregation of Duties.

If you have any questions about setting up banking privileges for your employees, please contact the BMS Banking Center via email or call 800-634-7734 ext. 8.