We’re always thinking about security at MINDBODY. It’s why we maintain Level 1 Payment Card Industry (PCI) compliance, and why we build helpful security features into your MINDBODY system. These features can help you protect client data, staff member information, and sensitive business records. Read on to learn how to use them to maintain your MINDBODY site’s security.
- Staff permissions
- Login security
- Security-related reports
- Gift card balance protection
- Client alerts and contact logs
No one knows your staff better than you do. Put that knowledge to good use by carefully assigning staff permissions. This feature allows you to control who can access reports, client and staff profile information, and sensitive business records, to help you ensure the safety of the data in your MINDBODY system.
- Permission groups: Set up and assign your permission groups so that staff members get access to the information they need, but nothing more.
- If you run a larger business, it’s best to set up permission groups for multiple staff members based on their roles. For example, desk staff might need to book appointments and classes, and update client profile information. Teachers might need permission to sign people up and then sign them in. Managers might need to view and edit billing information.
- If you run a smaller business and you want tight control over individual staff members’ permissions, you could set up each staff member in his or her own permission group.
- Permissions: Carefully read the Staff Permissions Explained article to learn what each permission lets staff members do. It’s usually best to grant fewer permissions up front and add more only when you find they’re needed to keep things running smoothly. This is the principle of least privilege: a login that can do only what its job requires limits the damage a careless or compromised staff member can do. Here are a few tips, organized by permission section, to get you started:
- Manager Tools Permissions: Here, you’ll find some powerful tools like the ability to manage other staff members’ logins and to administer permission groups. Anyone who can edit permission groups can grant themselves, or anyone else, every other permission, so treat these permissions as equivalent to full access. We recommend reserving them for your trusted managers.
- Report Permissions: Certain reports—like the Mailing Lists Report, the Connect Ratings & Reviews report, and the Account Balances report—contain sensitive client data. Others—like the Payroll and Phone Book reports—contain staff members’ personal information. Read about the reports available in MINDBODY, and then learn which permissions give access to specific reports. Assign report permissions carefully.
- Client Permissions: When clients trust you with their personal information, you want to protect it. One way to do this is to keep it away from prying eyes. We suggest limiting the number of people who can view and edit clients’ billing information, administer client logins, and edit client profiles. Assign these permissions to a small group of trustworthy employees.
Your MINDBODY site allows each and every person who works at your business to have a unique login. This important security feature gives you the ability to accurately track who’s logging in to your system, communicating with clients, and making sales. It also allows you to remove staff logins whenever an employee leaves, on either good or bad terms. Below, you’ll find advice on maintaining login security.
General password tips
- Create strong passwords: MINDBODY requires passwords to be at least eight characters long and to contain both numbers and letters. Treat that as a floor, not a target. Length matters most, so a longer passphrase with special characters (!, #, @, etc.) is stronger, and the password should be unique to MINDBODY, never one you also use for email or any other site, because a breach elsewhere would otherwise expose your MINDBODY login too. Read more tips for creating a strong password.
- Change your password regularly: We recommend changing your password at least once every six months, and immediately if you suspect it has been exposed (a phishing email you responded to, a lost device, a staff member who saw you type it). The new password should be significantly different from your previous passwords; adding a digit to the end of the old one is not a change.
- Do not save your password in a text document on your computer: If anyone gains access to your computer, either remotely or by stealing it, they’ll look for a document that contains your passwords. Don’t give them the satisfaction! The best way to avoid giving your passwords away is to memorize them. If you have too many to memorize, use a password manager, which stores them encrypted behind a single master password rather than in plain text.
- Don’t give your login information to anyone, ever: As the business owner, you have the highest level of access to MINDBODY. Staff permissions don’t apply to your login, meaning you have full access to the site—including client data, staff info, business records, etc.—at all times. It is extremely important that you do not give out your username and password to anyone. Sharing your login information, even with your most trusted friend, is a security risk. There is always the possibility that it will be misused, lost, or stolen.
- Change your username from owner to your first and last name: MINDBODY gives you the option to switch your generic owner login to your first and last name. We recommend taking this step: a predictable username like owner hands an attacker half of the credential pair for free, so changing it means every guessing attempt has to find both the username and the password. Learn how to make the switch.
- Set up password recovery questions: Choose security questions and answer them. If you ever forget your password, you’ll need to answer one of these questions correctly in order to reset it. Choose answers that can’t be looked up or guessed: a mother’s maiden name or a first pet is often discoverable on social media, so treat the answers as second passwords (a password manager can store them). If you don’t have your password recovery questions set up, you’ll have to call us to reset your password.
- Learn how to set up unique staff logins and make sure that every single staff member has their own, even those who are in the same staff permissions group. This ensures that contact logs, sales records, and entry logs are accurate.
- We recommend setting up each new staff member with a unique login on their first day of work, so they never have a need to share with anyone else.
- Educate staff on the importance of keeping their passwords secure.
- Encourage staff to change their passwords at least once every six months, and share tips for constructing secure passwords.
- When a staff member leaves, go into their profile and click the Deactivate Staff Member link in the bottom left corner. This deletes their login information, removes their permission group, and unassigns them from all of your locations. If you ever need to reactivate the staff profile, you can, but you’ll need to set up new login information.
- If you have set up unique logins for each of your staff members (which we hope you have), your work is done. However, if any other staff members share a login with the worker who has left, that login is compromised the moment the worker walks out the door: delete the remaining username and password from all applicable staff accounts, and then create new ones.
- Do not delete the staff member’s contact information from your system. You may need to search for it in the Phone Book report in the future.
- Learn more about deactivating staff profiles.
- To track a former staff member's activity on your site before you deactivated their profile, run the Entry Logs report and the Staff Activity report. Read about them below.
Entry Logs report
The Entry Logs report will tell you which consumers and staff members have logged in to your site over a date range that you select. This information can help you see whether staff are logging in during their shifts or after hours. It can also help you spot any former staff member logins that need to be deactivated. Review it on a schedule rather than only after an incident; a login at an odd hour, or by an employee who should no longer have access, is easiest to act on when it is days old rather than months.
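As an added example (not MINDBODY code, and not the report’s actual export format), the two checks above run over a constructed Entry Logs export. The column names `login_time`, `username` and `user_type`, the business hours, and the active-staff list are assumptions for the illustration; map them onto the columns your own export has.

```python
# Added example: offline review of a constructed Entry Logs export.
# Column layout, business hours and staff names are assumed, not MINDBODY's.
import csv
import io
from datetime import datetime

# Constructed sample rows (not real data). Times are local business time.
SAMPLE_EXPORT = """login_time,username,user_type
2024-03-04 08:55:00,desk.anna,staff
2024-03-04 23:40:00,desk.anna,staff
2024-03-05 07:30:00,teacher.raj,staff
2024-03-05 18:05:00,client.pat,consumer
2024-03-06 02:15:00,former.lee,staff
2024-03-06 10:00:00,manager.kim,staff
"""

# Staff who should still have logins; any other staff login is a problem.
ACTIVE_STAFF = {"desk.anna", "teacher.raj", "manager.kim"}

# Business hours on a 24h clock: open at 06:00, closed from 22:00.
OPEN_HOUR, CLOSE_HOUR = 6, 22


def parse_entries(text):
    """Turn the CSV export into dicts with login_time parsed to a datetime."""
    rows = []
    for row in csv.DictReader(io.StringIO(text)):
        row["login_time"] = datetime.strptime(row["login_time"], "%Y-%m-%d %H:%M:%S")
        rows.append(row)
    return rows


def after_hours_staff_logins(entries, open_hour=OPEN_HOUR, close_hour=CLOSE_HOUR):
    """Staff logins whose hour falls outside [open_hour, close_hour).
    Consumer logins are ignored: clients may legitimately book at any hour."""
    return [
        (e["username"], e["login_time"])
        for e in entries
        if e["user_type"] == "staff"
        and not (open_hour <= e["login_time"].hour < close_hour)
    ]


def logins_by_unknown_staff(entries, active_staff=ACTIVE_STAFF):
    """Staff usernames that logged in but are not on the active-staff list,
    e.g. a former employee whose profile was never deactivated."""
    return sorted({
        e["username"] for e in entries
        if e["user_type"] == "staff" and e["username"] not in active_staff
    })


if __name__ == "__main__":
    entries = parse_entries(SAMPLE_EXPORT)
    for who, when in after_hours_staff_logins(entries):
        print(f"after-hours staff login: {who} at {when}")
    for who in logins_by_unknown_staff(entries):
        print(f"staff login not on active list: {who}")
```

On the sample data this flags desk.anna’s 23:40 login and former.lee’s 02:15 login as after hours, and former.lee as a staff account that should already have been deactivated. An after-hours login by current staff is a question to ask, not proof of wrongdoing; a login by a deactivated-in-name-only employee is a profile to deactivate today.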
Staff Activity report
The Staff Activity report allows you to see which staff members accessed sensitive reports, the time that the sensitive reports were accessed, the report's name, the staff member's IP address, and gives you a "View" link that lets you see the report exactly as the staff member saw it. Essentially, it's a tool to help you determine if a staff member exported your clients' information. Clicking the "View" link lets you see exactly what filters the staff member used to generate the report.
The Staff Activity report tracks access to the following reports:
Security Verification report
The Security Verification report lets you control whether or not someone who signs up for a Consumer Mode account can link it with an existing client account. This is important because once the two accounts are linked, the Consumer Mode login will give access to the pricing options, client information, and stored credit card on the existing account.
Here’s how it works:
- When someone signs up for a new Consumer Mode account, they enter their first and last name. Your site pulls up a list of existing clients whose names at least partially match what they entered.
- The person creating the account can click a name on this list (typically their own name) and provide one piece of verification information to link their new Consumer Mode account to the existing account in Business Mode.
- This is where the Security Verification report comes in:
- When you generate the report, you’ll see a list of clients who have asked to link their accounts to an existing account. To the right of the client’s name, you’ll see the email address they provided when they tried to sign up for the account. Click the client’s name to view the email address in the existing account, and see if the two emails match. (Please note that this works only if the client profile in Business Mode already had an email address saved to it.)
- If an existing client has signed up for a Consumer Mode account, the email address they submitted will match the one saved to their profile. In this case, you can quickly confirm that the client is who they say they are, and grant them access to their full Consumer Mode account directly from the report. If you have the Security Verification Approved auto email enabled, it will send to the client immediately.
- If a new client accidentally tries to link to an existing client’s account, or if a shady character does so on purpose, the email they submitted won’t match the one in the existing client’s profile. When this happens, we recommend taking these steps:
- Do not verify the account.
- Contact the existing client using the information stored in their profile, and make sure that they didn’t try to set up the account using the wrong email address.
- If the existing client did not try to link the account, and if the email address provided seems legitimate, you could send the potential new client an email and offer to set up an account for them through Business Mode, complete with a unique login.
- If the existing client did not try to link the account, and the email address provided seems like a spam account, don’t respond. If the person really is a potential client, they’ll find another way to get in touch.
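As an added example (not MINDBODY code), the decision rule behind the Security Verification report, applied to constructed link requests. The client records, the `existing_client_id` and `submitted_email` field names, and the email addresses are all assumptions for the illustration. It also covers the edge case the text notes: an existing profile with no email saved gives the report nothing to compare against.

```python
# Added example: triage of Consumer Mode account-link requests the way the
# Security Verification report is used. Data shapes and names are assumed.

# Constructed sample data (not real clients). Existing Business Mode profiles,
# keyed by an assumed client id.
EXISTING_CLIENTS = {
    101: {"name": "Jordan Lee", "email": "jordan.lee@example.com"},
    102: {"name": "Sam Rivera", "email": ""},  # profile has no email on file
    103: {"name": "Alex Chen", "email": "Alex.Chen@Example.com"},
}

# Pending Consumer Mode sign-ups that asked to link to an existing profile.
LINK_REQUESTS = [
    {"existing_client_id": 101, "submitted_email": "jordan.lee@example.com"},
    {"existing_client_id": 101, "submitted_email": "jlee99@mailinator.example"},
    {"existing_client_id": 102, "submitted_email": "sam.rivera@example.com"},
    {"existing_client_id": 103, "submitted_email": " alex.chen@example.com "},
]

# What the report's outcome should lead to, following the steps above.
NEXT_STEP = {
    "approve": "grant full Consumer Mode access from the report",
    "reject": "do not verify; contact the existing client via their profile",
    "cannot-verify": "do not link; confirm with the existing client by phone",
}


def normalize_email(addr):
    """Case-fold and trim so that formatting differences do not hide a genuine
    match or manufacture a mismatch. Compare only after normalizing."""
    return addr.strip().lower()


def triage(request, clients):
    """Return 'approve', 'reject' or 'cannot-verify' for one link request.

    'cannot-verify' is the case the report cannot decide: the existing profile
    has no email saved, so there is nothing to compare the submission against.
    """
    profile = clients[request["existing_client_id"]]
    on_file = normalize_email(profile["email"])
    if not on_file:
        return "cannot-verify"
    if normalize_email(request["submitted_email"]) == on_file:
        return "approve"
    return "reject"


def triage_all(requests, clients):
    """Triage every pending request, pairing each with its follow-up step."""
    return [(triage(r, clients), NEXT_STEP[triage(r, clients)]) for r in requests]
```

The second request is the "shady character" case: a different address submitted against Jordan Lee’s profile, so it is rejected and the existing client is contacted. Note what the match establishes and what it does not: it shows the sign-up used the same address that is on file, not that the person controls that address. When anything about a request looks off, the contact-the-client step above is the check that actually settles it.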
Business owners and gift card manufacturers alike typically number gift cards in sequential order. While this is convenient for production and record-keeping purposes, it also makes it easier for hackers and potential scammers to guess your gift card numbers. As soon as they’ve got one number pegged, they can guess the next and the next, and then use them to make purchases online, or even to forge fake certificates to use in person.
Luckily, we’ve found ways to prevent this:
- Online: When a gift card is sold online, the gift card number is generated automatically. Each new card gets its own random twelve-digit number, one of a trillion (10^12) possible values. Needless to say, this makes these gift card numbers much harder to guess, helping to protect you and your clients from losses. Because of this feature, only cards that are created online can be redeemed online.
- At the retail point of sale: If you use paper certificates or any other type of gift card that requires you to manually write in the ID number, you can take advantage of the random number generator, too.
- Just go to the Retail screen, choose the prepaid gift card that the client wants to buy, and then click the Generate Random link.
- Write down the number from the Gift Card ID field onto the gift card (or copy and paste it if you’ll be printing from the computer).
- Give the gift card to the client. Because the number was drawn at random rather than taken from a sequence, knowing one card’s number tells a scammer nothing about any other card, and the card balance is much more secure. The number is the secret, so treat the card like cash: don’t leave it where it can be photographed or copied.
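As an added example (not MINDBODY’s generator, and not a description of how MINDBODY produces its numbers), the difference between sequential and random twelve-digit card IDs in code. It draws random IDs from Python’s `secrets` module, the kind of cryptographic source such a scheme depends on, and puts a number on how little a blind guess is worth against random IDs. The issued-card sets are constructed for the illustration.

```python
# Added example: sequential versus random 12-digit gift card IDs.
# Illustrative only; not MINDBODY's implementation.
import secrets

DIGITS = 12
SPACE = 10 ** DIGITS  # 000000000000 .. 999999999999: one trillion values


def random_card_id(issued):
    """Draw a fresh 12-digit ID from the CSPRNG, retrying on the vanishingly
    rare collision with an already-issued number. Leading zeros are kept so
    every ID is exactly 12 characters and the whole space is usable."""
    while True:
        candidate = f"{secrets.randbelow(SPACE):0{DIGITS}d}"
        if candidate not in issued:
            issued.add(candidate)
            return candidate


def sequential_card_id(issued):
    """The scheme the text warns about: the next number is the last plus one."""
    nxt = max(int(x) for x in issued) + 1 if issued else 1
    candidate = f"{nxt:0{DIGITS}d}"
    issued.add(candidate)
    return candidate


def predict_next(known_id):
    """Against sequential numbering, one card in hand reveals the next."""
    return f"{int(known_id) + 1:0{DIGITS}d}"


def guess_success_probability(issued, attempts):
    """Chance that `attempts` blind guesses hit at least one live card when
    IDs are random and the guesser has no other information. With 1,000
    live cards and a million guesses this is still about 0.1%."""
    live_fraction = len(issued) / SPACE
    return 1 - (1 - live_fraction) ** attempts


if __name__ == "__main__":
    seq, rnd = set(), set()
    first = sequential_card_id(seq)
    print("sequential:", first, "-> next is", predict_next(first))
    print("random:    ", random_card_id(rnd), random_card_id(rnd))
    live = {f"{i:0{DIGITS}d}" for i in range(1000)}  # constructed: 1,000 live cards
    print("p(hit) after 1,000,000 blind guesses:", guess_success_probability(live, 10**6))
```

The probability function is the practical point: random IDs only stay hard to guess if nothing lets an attacker make guesses quickly and for free. A redemption form that accepts unlimited tries turns "one in a trillion" into a waiting game, so if you run your own online redemption anywhere, throttle it.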
Client alerts can warn you of clients’ health conditions, negative account balances, and more via messages that pop up on selected screens throughout your MINDBODY system. You can set up some of these alerts so that staff members have to explain how they deal with them before completing any other task. And, if you use our Sales Team management feature, you can even set these alerts to automatically write a contact log recording the day and time when the alert was set off, the staff member who dealt with it, and the explanation they gave. This feature can help you improve safety and security at your business through detailed record keeping. Four client alerts can be set up to require a staff response, and to automatically write a contact log. Learn about them below.
Red alert and yellow alerts
- The red and yellow client alerts are often used to note client health limitations, or even staff safety concerns.
- To require staff to respond to these alerts, check the "Reason to Ignore" option when you set them up. When this option is enabled and staff members press the "Ignore" button on the alert, they’ll have to enter a note that explains why. Essentially, this requires staff to document how they handle the issues described in these alerts each time they pop up. For example, if an alert reads, “Mark has asthma. He needs his inhaler before class,” your staff member could click the Ignore button and then write, “I gave Mark his inhaler, and he used it before class,” in the field.
- To make sure that these records are saved in the system, you should also enable the "Write Contact Log" option. These contact logs will list the username of the person who handled the alert and the reason they gave.
- Run the Contact Logs report and filter just for client alerts to see the details. These records help you keep tabs on which staff members are handling sensitive client health information, at what times, and in what ways—which helps you keep client data secure.
Account balance threshold and arrivals in threshold
- The Account Balance Threshold alert is triggered when a client’s debt to your business reaches a threshold value that you set. For example, you could set it to go off when they owe you $100 or more.
- The Arrivals in Threshold alert is triggered when a client arrives more than once within a certain number of hours. For example, you could set it to go off when they arrive twice in four hours.
- To require staff to respond to these alerts, enable the "Reason to Sign In Field" option. When it’s enabled, staff members will have to justify signing in clients who have exceeded the thresholds you’ve set. When one of these alerts triggers for a client they’ve looked up on the Sign In screen, they’ll have to choose Reject or Sign In. If they choose Sign In, they must enter the reason why (e.g., Client will pay after workout).
- If you enable the "Write Contact Log" option as well, then MINDBODY will automatically record the name of the staff member who signed the client in, and the reason that they gave for doing so.
- Run the Contact Logs report and filter for client alerts to see these details. This information will help you make sure that staff members aren’t giving certain clients preferential treatment, or shying away from enforcing your business policies.
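As an added example (not MINDBODY code, and not the Contact Logs report’s actual export format), the preferential-treatment check above run over a constructed export of alert-generated contact logs. The column names, alert names, staff and client names are assumptions for the illustration; adapt them to the columns in your own export.

```python
# Added example: summarising alert overrides from a constructed Contact Logs
# export. Column names, alert names and people are assumed, not MINDBODY's.
import csv
import io
from collections import Counter

# Constructed sample rows (not real data).
SAMPLE_CONTACT_LOGS = """logged_at,staff_username,client_name,alert_type,action,reason
2024-03-04 09:10:00,desk.anna,Jordan Lee,Account Balance Threshold,Sign In,Client will pay after workout
2024-03-05 09:05:00,desk.anna,Jordan Lee,Account Balance Threshold,Sign In,Client will pay Friday
2024-03-06 09:12:00,desk.anna,Jordan Lee,Account Balance Threshold,Sign In,Says account is being fixed
2024-03-06 17:40:00,desk.bo,Jordan Lee,Account Balance Threshold,Reject,
2024-03-07 12:00:00,desk.bo,Sam Rivera,Arrivals in Threshold,Sign In,Second class was a makeup
2024-03-07 12:30:00,desk.anna,Alex Chen,Red Alert,Ignore,Used inhaler before class
"""


def parse_logs(text):
    """Read the CSV export into a list of dicts, one per contact log entry."""
    return list(csv.DictReader(io.StringIO(text)))


def overrides_by_staff_and_client(rows, alert_type):
    """Count how often each staff member signed in each client over a given alert."""
    counts = Counter()
    for r in rows:
        if r["alert_type"] == alert_type and r["action"] == "Sign In":
            counts[(r["staff_username"], r["client_name"])] += 1
    return counts


def repeated_overrides(rows, alert_type, threshold):
    """Staff/client pairs with at least `threshold` overrides of one alert:
    the pattern that suggests a policy is being waived for a favourite client."""
    counts = overrides_by_staff_and_client(rows, alert_type)
    return sorted(pair for pair, n in counts.items() if n >= threshold)


def entries_without_reason(rows):
    """Sign-ins or ignores logged with an empty reason. With the Reason options
    enabled these should not occur; any that do deserve a closer look."""
    return [r for r in rows
            if r["action"] in ("Sign In", "Ignore") and not r["reason"].strip()]


if __name__ == "__main__":
    rows = parse_logs(SAMPLE_CONTACT_LOGS)
    for staff, client in repeated_overrides(rows, "Account Balance Threshold", 3):
        print(f"{staff} signed in {client} over the balance alert 3+ times")
    print("entries missing a reason:", len(entries_without_reason(rows)))
```

On the sample data desk.anna has signed Jordan Lee in over the balance alert three days running while desk.bo rejected the same client, which is exactly the inconsistency the report is meant to surface. The Reject row has no reason and is not flagged, since only Sign In and Ignore require one.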