1. Access the User Menu:
In the Posterita Lite Back Office, navigate to the User Menu.
2. Create a New User:
Click to add a new user.
The minimum information required to create a user includes:
- Username and PIN (for accessing the POS).
- To grant access to the Back Office, provide the user's Email Address and set a Password.
- You can also enter additional information, such as the user’s Phone Number and Full Name.
3. Assign Admin or Standard User Access:
If the user is an Admin, they will have full access to all system features.
For a Standard User, you can restrict their access by assigning specific permissions.
4. Assign Permissions:
For standard users, select the specific permissions based on their responsibilities. The available permissions include:
- Cash Up (Allow users to reconcile cash at the end of the shift/day). Incorrectly managed cash reconciliation can lead to discrepancies that may be used to cover up theft.
- Cash Adjustment (Permit users to make adjustments to the cash register totals). This can be a significant fraud risk if users manipulate cash totals without oversight. Ensure only trusted employees have this permission, and there is a clear audit trail.
- Void Sales (Enable users to cancel or void a sale transaction). Voiding sales without proper validation could be used to hide sales and misappropriate funds. Always monitor void transactions to detect unusual patterns.
- Refund Sales (Allow users to process customer refunds for previous sales). Fraudulent refunds are a common tactic for theft, such as refunding an item at a higher value or issuing a fake refund. Ensure all refunds are properly documented and reviewed.
- Delete Hold Orders (Permit users to delete orders that are put on hold). Deleting hold orders could be exploited to remove records of sales or inventory movement, which is critical for tracking.
- Reprint Receipt (Enable users to reprint customer receipts after a transaction). Note that excessive use of this permission without valid reason could indicate potential fraud, as some employees may reprint receipts without recording sales to pocket cash. Monitoring receipt reprints can help identify fraudulent activities.
- Open Drawer (Allow users to manually open the cash drawer). Uncontrolled access to the cash drawer can lead to fraud, so only trusted users should be given this permission. Frequent manual drawer openings without sales can be a red flag.
- View Payments (Permit users to view payment details of transactions). Providing visibility to payment details should be restricted to ensure sensitive financial information is protected. In some cases, employees may misuse this permission to view transaction details before reconciling their till, effectively manipulating records to match cash discrepancies and bypass the intended blind reconciliation process. This kind of misuse compromises the integrity of cash reconciliation and audit trails, potentially facilitating fraud.
- Discount Limit (%) (Set a maximum discount percentage that a user can apply to sales). Limiting discount permissions can help prevent abuse, such as applying unauthorized discounts and pocketing the difference. Discounts should be monitored regularly for any unusual patterns.
- Access to Back Office (Grant access to the Posterita Lite Back Office for advanced functionalities). Back Office access should be tightly controlled to ensure sensitive business information and settings are not tampered with.
5. Save the User:
After entering the required information and assigning permissions, click Save to add the new user to your POS system.
Important Tips
Assign Permissions Carefully: Assign permissions carefully to ensure each user only has access to the features they need for their tasks. Limiting permissions can prevent errors or unauthorized changes, as well as reduce opportunities for fraudulent activity. Keep in mind that permissions like refunds, voids, and cash adjustments are particularly sensitive and can lead to significant financial losses if abused.
Admin Users: Admin users have full access, so it’s important to limit admin accounts to key personnel to maintain control over critical settings and minimize the risk of unauthorized changes.
Update or Remove Users: You can update permissions or remove users at any time by going back to the User Menu. Removing access when a team member leaves or their role changes helps maintain system integrity.
- User Roles and Security: Carefully manage user roles to balance operational efficiency with data security. Fraud prevention is a key consideration—inappropriate access to features like refunds, cash adjustments, or reprinting receipts can lead to financial losses. Establishing an audit trail for actions taken by each user helps in identifying and investigating any suspicious activities.
- Monitor Activity: Regularly audit user activities, particularly for permissions involving money movement, such as cash adjustments, refunds, and drawer access. This helps identify potential fraud attempts early and ensures that the POS system remains secure.