Is there a way to prevent people from being able to install the sage Exchange credit card processing add-on/tool? I've found that even with general Customer privileges (Full Access) you can still install this add-on. It would be nice if Sage added a security option that would let an Administrator set a flag to prevent certain people from installing this (and other add-ons) while still allowing them to fully manage Customers and contacts. My concern that I have (which I have verified can be done) is that someone can then use the software to look at credit card numbers, even though the 3-digit security code is not present. But they can still get the card number and expiration date just by installing this add-on.
↧