Enable MFA
Simply having a strong password is inadequate to secure your account. To defend yourself against cyberattacks, it's important to add an extra layer of security.
Zakya's Multi Factor Authentication (MFA) allows you to add a layer of protection. Enhanced security confirms your identity using a second verification method in addition to your password. It decreases the possibility of someone impersonating you and gaining unauthorized access to your business data.
How do I enable MFA?
- Log in to your Zakya account.
- Navigate to My Profile > My Account.
- Select Multi-factor Authentication, choose your secondary verification method, and click Set up Now.
- Follow the steps and set up your secondary authentication.
Secure Sensitive Data
It's critical to secure your data while also ensuring the privacy of your customers' data. As part of your business, you may gather personally identifiable information from your customers and keep it in a database.
For example, a Premium Watch retail business takes a customer's entire name and date of birth in order to register them to their loyalty program, which allows them to attract customers with exclusive offers and discounts.
If sensitive information slips into the wrong hands, it can have long-term ramifications for both the individual and the business itself. Zakya has provided these options to protect the data.
Custom Field Encryption
Custom Fields in Zakya allow you to quickly and easily add data against fields created by you. When you create a new custom field, you can choose to encrypt and save the Personally Identifiable Information (PII). While creating your custom field, you can choose either PII or ePHI based on the information that you are collecting.
- Choose PII (Personally Identifiable Information) if the information that you will enter is confidential and can be used to identify a person. You can mark fields such as Text, Email, URL, Phone, Number and Date as PII. You can choose to encrypt and store it if the data is sensitive or store it without encryption if the data is non-sensitive. Choose if the information you enter will be sensitive or not sensitive:
- Sensitive data: Encrypt and store it. This data can be viewed only by users who have permission to access PII.
- Not sensitive data: Store it without encryption. Only users with access to protected data can view the details. However, users can use this field to perform advanced searches.
- Choose ePHI (Electronic Protected Health Information) if the information that you enter can be used to identify a patient. For example, an electronic copy of medical report will be ePHI. You can mark only fields such as Text, Email, URL, Phone, and Date as ePHI. The data will be considered as sensitive; it will be encrypted and stored. Only users with access to protected data can access the fields. Users cannot use this field to perform advanced searches.
- Navigate to Settings > Preferences.
- Select the module for which you would like to create a new custom field.
- Enter the Label Name and select the Data Type.
- Select how you want to store your data based on its sensitivity under Data Privacy.
- Select the other settings and click Save.
Note
- You can mark a field as PII or ePHI only for the following data types: text, number, email, URL, date, and phone.
Permissions to Access PII
Zakya lets you restrict your organization user’s access to the sensitive data of your contacts. You can choose to edit a user’s role and enable or disable their access to Personally Identifiable Information (PII). Any data that can be used to identify a specific individual. To do this:
- Navigate to Settings > Users and select Roles.
- Click Edit next to an existing role to modify an existing role or create a new role.
- Scroll to the Settings > Data Access section and enable or disable Provide access to protected data.
- Click Save.
Note
- By default, the setting will be enabled only for the Admin of the organization.
PII Data Export
Once you have enabled role based access, only the users with permission to access Personally Identifiable Information (PII) will be able to export any sensitive information. This would include SSN number, bank account number, and any custom fields created and marked as sensitive.
Note
- Users with roles that do not have access to Provide Access to Protected Data will be unable to export sensitive information.
When users with permission to access PII want to export data, they can do so.
- Go to the module for which you want to export data.
- Click Export from the More icon.
- Select the module you want to export, choose the status of the transaction, and select the file format.
- Enable Include Sensitive Personally Identifiable Information (PII) while exporting.
- Click Export.
Back up your data
In the event of an inspection or during tax filing, you may require all of your business's records offline. In this case, you can generate a backup of all records from the Inventory Start Date to the Present.
Once you complete the data backup process, a download link will be sent to your registered email address, which will contain all the records and transactions in your Zakya organization in a CSV file. You will be able to download it from your email if you’re logged in to your Zakya account or from the Data Backup section in Zakya where all the data backups are listed along with the details of the user who initiated the backup.
Prerequisite
- You must be an admin user in the Zakya organization to create a data backup.
- Go to Settings > Data Backup.
- Click Backup Your Data.
- In the Backup Your Data pop-up screen, click Continue.
Note
- It can take around 30 minutes for you to receive the download link from the time you’ve initiated a backup.
- You will be able to access the download link and download the data only if you’re logged in to your Zakya account.
- The download link sent to your email address will expire in 30 days, from the date of your backup.