| AWRA OpsHub

 Search
Intermediate Certificate on pass

Security & Data Protection

Protect access and data with everyday habits — trusted devices, the document vault, and safe sign-in.

4 lessons 35 min 5-question assessment 70% to pass
Take the assessment

What you’ll learn

  • Explain the shared responsibility for security
  • Use strong authentication and device trust
  • Store sensitive documents safely in the vault
  • Adopt safe access habits that protect the business

Course content

4 lessons · 35 min of reading
01
Lesson 1 of 4 Reading 8 min

Security is shared

AWRA protects data with encryption, access controls, and audit trails — but no platform can secure an account whose password is shared or whose device is left unlocked. Security is a partnership: the system provides the controls, and people use them well.

Most breaches are not exotic; they are mundane — a reused password, a phishing click, an unattended screen. Understanding that everyday behaviour is part of security is the first real defence.

The shared till login is the classic example of the system being undone by habit: it is convenient, so a whole shift uses one account, and now the audit trail can no longer name who voided the sale or who was logged in when the drawer came up short. Convenience that erases accountability is not a shortcut, it is the breach waiting to happen — give every person their own login even where it feels like extra effort.

Key takeaways

  • The platform provides controls; people must use them well.
  • Most breaches come from mundane habits, not exotic attacks.
  • Everyday behaviour is part of security.
  • A shared login is convenience that erases accountability — give every person their own, even at the till.
02
Lesson 2 of 4 Reading 9 min

Strong authentication and device trust

Strong, unique passwords and multi-factor authentication (MFA) make a stolen password far less dangerous, because access also needs a second factor. Device trust adds another layer: recognising the devices a user normally signs in from and treating new ones with extra caution.

These controls are cheap to adopt and expensive to skip. MFA in particular stops the large class of attacks that rely on a password alone.

Prioritise by blast radius: turn MFA on for the admin, finance, and approver accounts first, because those are the ones an attacker most wants and the ones that can move money or change configuration. A compromised cashier login can run a few fraudulent refunds; a compromised admin login can rewrite roles and exfiltrate the vault. Protect the keys that open the most doors before the ones that open the fewest.

Key takeaways

  • Unique passwords plus MFA blunt stolen-password attacks.
  • MFA requires a second factor beyond the password.
  • Device trust flags unfamiliar sign-ins for extra caution.
  • Enable MFA on admin, finance, and approver accounts first — those keys open the most doors.
03
Lesson 3 of 4 Practice 9 min

The document vault

Sensitive documents — contracts, identity records, financial files — should not live in email threads or shared drives. AWRA’s document vault keeps them in a controlled, access-governed place where who can see them is deliberate and recorded.

Centralising sensitive files is both safer and easier. Instead of copies scattered everywhere, there is one governed source, and removing someone’s access removes it everywhere at once.

The habit that defeats the vault is the “quick copy” — someone downloads the supplier contract to email it, and now an ungoverned copy lives in an inbox the vault cannot reach. Share by granting vault access, not by attaching the file; if a partner truly needs a copy outside, treat that as a deliberate, logged decision. The vault only protects what stays inside it.

Key takeaways

  • Sensitive files belong in the vault, not email or shared drives.
  • The vault governs and records who can access documents.
  • One governed source beats scattered copies.
  • Share by granting vault access, not by emailing copies — a downloaded file escapes every control the vault gives you.
04
Lesson 4 of 4 Reading 9 min

Safe access habits

The daily habits matter: lock your screen when you step away, never share credentials, sign out on shared devices, and be wary of unexpected links asking you to log in. None of these is difficult; together they close the doors attackers rely on being left open.

Because every action is tied to an account, protecting your account protects the integrity of the record. Safe habits are not just personal hygiene — they keep the whole system’s history trustworthy.

Learn to spot the phishing pattern aimed at exactly this system: an urgent message — “your AWRA session expired, log in here to approve a pending payment” — pushing you to a lookalike page. The tells are urgency, a link you did not initiate, and a login prompt arriving by message rather than you opening the app yourself. Rule of thumb: never log in from a link someone sent you; open AWRA the way you always do and check there.

Key takeaways

  • Lock screens, never share credentials, sign out on shared devices.
  • Be wary of unexpected login links (phishing).
  • Protecting your account protects the integrity of the record.
  • Never log in via a link someone sent — open AWRA yourself; urgency plus an unsolicited login prompt is the phishing tell.

Finished the material?

Take the 5-question assessment and earn your certificate — 70% to pass.

Take the assessment

More in this path

Workflow Builder Basics

Open course

Approval Workflows

Open course

Admin, Tenant, and Platform Operations

Open course

Help Center

Need a quick answer while you read?

Run inventory, procurement, assets, sales, and field work with approved AWRA guidance for setup, migration, integrations, security, pricing, and support.

Search all approved AWRA public help articles.

Open Help Center