Tips & Tricks

Virtual TimeClock Tips & Tricks - April 2008

The dictionary defines ‘security’ as ‘the state of being free from danger or threat’. I find this to be an interesting definition, since sometimes security seems terribly inconvenient; like when I’m waiting in line at the airport. Other times, it makes me feel protected; like when I’m ordering something online with my credit card. Despite the same definition, each situation brings a radically different response. Why does one cause irritation and the other relief? I’ll leave that up to you folks with degrees in psychology. All I know is that I feel a lot better knowing all of the passengers have been screened and no one’s stolen my identity yet!

We deal with security issues daily in the business realm as well. Is the alarm set? Who else knows the combination to the safe? Has my computer administrator password been compromised? These are all important concerns and can certainly impact the future of your business. One of the questions we receive from concerned business owners is, ‘How secure is my TimeClock?’ In this month’s ‘Tips & Tricks’ Newsletter, we’ll help you identify some areas to check so you can answer this question for yourself.

How to I prevent employees from changing the computer time and defeating the TimeClock?
Let’s face it, there are some unscrupulous people in the world who will look for creative ways to ‘cheat the system’. Since Virtual TimeClock utilizes the time from your computer’s clock to record timecard entries, there are several precautions that you can take to reduce any temptation your employees may have about stealing time.

Restricting access to the date and time settings:
This is one of the easiest ways to make sure employees can’t manipulate the computer’s clock to make favorable timecard entries. On Macs running OS X, click the ‘open lock’ in the lower left hand corner of the Date & Time preference pane to prevent non-­admin users from modifying the system time. Windows 2000 and XP users without administration privileges are unable to alter the system clock. Windows Vista users without administration privileges will be prompted for an administrator password in order to adjust the clock.

Here’s a quick Tip:
For step­‐by­‐step instructions on checking the security and accuracy of your computer’s clock, see the article we’ve written at Time and Attendance Articles.

Use Virtual TimeClock Pro in a server­‐client configuration:
Since we’ve already established that Virtual TimeClock Pro uses the computer clock to record timecard entries, an easy way to make sure employees can’t affect their work times is to have them clock in and out from a client TimeClock. Since the TimeClock server computer provides the time stamp, employees can change the clock on the client TimeClock computer as much as they want without it ever affecting their actual work times! To find out more about client TimeClock licenses, contact us at (888) 207­‐0005 or reply to this email anytime.

Here’s a quick Tip:
Not only does moving to a server‐client configuration prevent employees from manipulating their work times, it also removes the possibility of someone moving, deleting, or trying to tamper with your company data file.

How can I tell if someone is changing their work times after they’ve already clocked in or out?
Well, now that you’ve secured your computer’s clock from being tampered with, let’s take a look at some of the built‐in security features of Virtual TimeClock Pro.

Review worker timecard reports:
Every detailed worker timecard report flags timecard entries that were added manually or modified. An ‘A’ next to the timecard entry lets you know the entry was added manually. An ‘M’ next to the timecard entry indicates the entry has been modified in some way since it was originally recorded by the TimeClock.

Here’s a quick Tip:
There’s a legend at the bottom of each detailed timecard report that lets you know the meaning of each flag that’s reported next to the timecard entry.

Check those audit logs:
The Virtual TimeClock Pro audit logs record all of the important information related to timecard entries. The audit log reveals who added a manual entry, when it was added, and what was added. It shows who deleted a timecard entry, when it was deleted, and what was deleted. It lists who modified a timecard entry, when it was modified, and what the old and new values are. The audit log also records when security is disabled/enabled, when payroll periods are closed, and when a batch delete of timecard data is performed.

Here’s a quick Tip:
To make sure you’re not missing anything, audit logs should only be viewed and printed from your TimeClock server, never from a client TimeClock. For some tips on getting the most from your Virtual TimeClock Pro audit logs, take a look at the article we’ve written at Auditing Employee Timecards.

Until next month,

Jeff Morrow

P.S. Virtual TimeClock Pro Version 6.0
I’ve had the privilege of seeing previews of version 6.0 (and overhearing engineers talking about it around the water cooler!). It’s going to be unbelievable! And I’m not just referring to new features and functionality. We’re talking new database structure, new networking architecture, and new changes to the user interface. I’ll try to sneak more details out to you next month.