• Sage CRM Tips

    Extra security for
    your Sage CRM System

    Modal Title Here
    Offer extended until December 2019
    Ask about our free half day on-site
    Sage CRM training

    We will attend your offices and deliver half a day
    user or admin training

Reading Time: words

LinkedIn Article
 September 2018    James Grant    Search Engines

Sage CRM Installation Tips
Please make sure you follow best practices when installing a secure Sage CRM system. More information can be found here.

More and more Sage CRM customers now require quick and easy access to their system anytime and from anywhere. Sometimes outside of the office network and also without logging onto a VPN connection first.

Configuration of access on a public IP is relatively straightforward, set up CRM on a Secure Socket Layer (SSL), add some firewall rules on the HTTP/HTTPS/Tomcat ports and possibly create a dns record for a crm subdomain.

But although our customers require this, they don't necessarily want their CRM login page indexed by search engines, revealing a gateway to their sensitive data. Although Sage CRM passwords are encrypted using a secure symmetric-key encryption algorithm (3DES), this method of encryption is gradually being replaced by a new Advanced Encryption Standard (AES). Many configurations allow for users to define and manage their own login password, this also opens up potential vulnerabilities, so setting the minimum length and ensuring complex values should be enabled.

A simple search on google already reveals many customers Sage CRM login page and who its licensed to.

Our technicians add an extra step in the deployment configuration.

The X-Robots-Tag is a HTTP header that informs search engine crawlers (‘robots’) how they should treat the page being requested. It’s this tag that can be used as a very effective way to prevent login folders and other sensitive information from being shown in Google’s search results.

Call Centre Wallboard
Call Centre Wallboard

With a quick modification to your Sage CRM server we can prevent search engines from including your login page in their search results.
1. Open Internet Information Services (IIS) Manager
2. Click the server instance name from the left menu
3. Open HTTP Response Headers
4. Click Add… from the action menu
5. In the Name input, type: X-Robots-Tag and in the Value input, type: noindex, nofollow

Midlands Office

County House
St Mary’s Street
Worcester
WR1 1HB
United Kingdom

South West Office

3 Brook Office Park
Emersons Green
Bristol
BS16 7FL
United Kingdom

Contact Us

T: 0330 205 0250
E: info@spirebms.co.uk

Business Hours
08:30 – 17:30 Mon to Fri

Gamm Telecom
Mitel
Avaya
Sage

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our privacy policy