Configure > Security

Audit Log

This page is only accessible to members of the "Super User" admin group.

The greatest threat to your data comes from your own employees. Be sure to give your employees proper instruction with regard to your policies regarding cardholder data. Create a set of written policies and procedures to maintain the integrity of your secure environment. Restrict the number of employees who have access to the cardholder data as much as possible.  You can do this in AbleCommerce by creating roles for your employees.  See People > User Groups for built-in permissions to specific areas of the merchant administration.

In AbleCommerce, all user accesses of credit card data are written to the write only audit log. This log can help you monitor employee activities and identify suspicious behavior. It records events such as successful and invalid login attempts, viewing of credit card numbers, viewing of audit log, backup and restoring of encryption keys, etc.

View the Audit Log

Go to Configure > Security > Audit Log to view a page similar to the one shown below.

auditlog.gif

Click on the column heading to sort.  Shown left to right are -

  • Date: The date and time of the event.

  • Event: The type of event that took place.

  • Success: Whether or not the event was successful.

  • User: The username (email) of the user who performed the action.

  • Re:

  • IP: The originating IP address.

  • Comment: As needed, comments about the event.

 

 
Related Topics

Configure > Security > General
Turn on secure SSL pages and configure credit card settings.

Configure > Security > Encryption Key
Secure your data by changing the encryption key.

Manage > Orders > Payments (Credit Card Transactions)
Process credit card payments and refunds online.

People > User Groups
Use groups to provide access to certain features or set user specific discounts.