1. Commerce
  2. NetSuite Point of Sale (NSPOS)
  3. NSPOS Administrator Guide
  4. Company
  5. Employees and NSPOS

Employees and NSPOS

This section is a guide to setting up and managing your employees that perform tasks or need access to NetSuite Point of Sale (NSPOS).

Also see Working with the optional Time Clock in NSPOS.

Note:

NSPOS application menus might use the term operator instead of employee. Unless required for making an entry or adjustment in the application, we use the term employees in this guide.

Employees Roles, Passwords, and Idle Time-outs

Use these topics to assist your employees with their NetSuite Point of Sale (NSPOS) access levels, passwords, and other NSPOS access tasks.

Typical NSPOS Employee Roles

The following are the employee types in a typical NSPOS retailer setup. These types and their access levels are set using Roles to grant the required permissions.

  • Sales Associates – Perform sales transactions and work with customer information.

  • Specialists – Perform tasks that require training and responsibilities beyond a basic sales associate.

  • Openers/Closers – Perform sales associate and specialized tasks plus can be delegated to perform beginning of day and end of day till tasks.

  • Managers – Perform beginning of day and end of day till tasks, can sign in during transactions to authorize discounts or other overrides, run reports and assist employees with optional time clock issues.

  • Administrators – Set up employees, customize NSPOS to fit business needs, perform other tasks described in this guide.

The list of duties is not comprehensive. These are brief descriptions only and your business may use its own customized positions or roles.

Note:

To match the term used on certain pages within the NSPOS application, some topics or steps use operator to refer to an employee.

Roles to Grant Permissions

In NSPOS, we grant permissions using roles / groups that are assigned to Resource IDs.

For the steps to change a role, see Changing an Employee’s Security Role.

Employee/Operator Role/Group

Operator Role/Group ID

Resource ID

Sales Associate, Cashier, xPOS Access

100

2

Specialist

200

2

Opener / Closer

500

9050

Manager

700

9070

System Administrator

900

9090

Each Resource ID provides a basic set of permissions that are typical for retail transactions, such as processing sales, taking returns, applying discounts and entering customer information. Managers are assigned roles with Resource IDs that have greater permissions, allowing overrides and other high-level functions not available to sales associates. Administrators have Resource IDs that include permissions to access and configure almost any area in the NSPOS application.

When an employee/operator tries to access a function not available to their Resource ID, an authorization override window displays that may include manager steps for authorizing the employee/operator to proceed.

As an administrator, you can adjust security by assigning roles to employees and adjusting the Resource IDs required to access function buttons and pages. This chapter lists steps to adjust security roles at the employee level only. To adjust the role required to access a function, see Set Button Security and Set Page Security. Most setup tasks, including editing an existing employee/operator or unlocking an account, require 9090 level access.

Authentication

An employee/operator logs into NSPOS with a User ID and Password. The User ID is the RA-Operator ID set up on their employee record (RA-Employee Form) in NetSuite ERP.

The "accountability" method used for till and cash drawer management determines whether a single employee User ID can be used to log into more than one register at the same time.

  • If you use Operator Accountability for till management, a User ID can only be logged into one register. If an employee moves to another register, they must log out of the current register.

  • If you use Register Accountability for till management, a User ID can be logged into multiple registers. This setup is sometimes called "parallel" or "concurrent" authentication.

For more information about till accountability methods, see Register (Till) Accountability vs. Operator (Till) Accountability.

Passwords

Signing into NSPOS requires entering a User ID and Password. NSPOS uses the Payment Application Data Security Standards (PA-DSS) to determine requirements for setting and maintaining passwords.

The rules and options for customizing your password setup depend on your current NSPOS release.

Password Requirements NSPOS 2018.2.X

  • For the administrator role: :

    • Passwords must be at least 7 characters and include both letters and numbers.

    • Passwords must change every 90 days.

    • New passwords must be different than the previous 5 passwords.

  • For all other roles:

    The administrator can set up individual passwords per your store or company's policies. These passwords do not expire. Follow PA-DSS guidelines on passwords to ensure your store is in compliance.

    To set up a new employee’s password, see Complete the Employee Setup in NSPOS 2018.2.X. Also see Resetting an Employee Password.

Password Requirements NSPOS 2019.1.X

This release and later versions include features you can use to customize your NSPOS password requirements.

Password Requirements NSPOS 2020.1.X and Later

  • Employee passwords for NSPOS are valid only on registers within their assigned locations

    See Location and Working Hours Restrictions.

  • If an employee record is inactivated, that employee’s NSPOS password will no longer function at the locations to which the employee was assigned

  • Employees with an NSPOS Manager role have the option to unlock associate accounts and reset passwords. Managers can perform these tasks only for roles with fewer permissions (lower access levels), such as Sales Associate, Specialist, and Opener/Closer.

    This password feature is disabled by default in the RA-Setting record.

To enable managers to unlock accounts and reset passwords:

  1. Log in to NetSuite as an administrator.

  2. Go to Customization > Lists, Records & Fields > Record Types.

  3. Locate RA-Setting and click List

  4. Find Allow Managers to Manage Passwords and click Edit.

    Edit setting to allow managers to change passwords

  5. Check the Value box to enable this password feature.

    Or clear the box to disable the feature.

    Box to enable password feature for managers to reset

  6. Click Save.

    Warning:

    Do not edit other RA-Setting options unless you are trained to do so or receive specific instructions. Incorrectly changing a setting could impact your NSPOS processing,

Note:

By default, employees set up prior to upgrading to NSPOS 2020.1.X can log in at any location.

Tip:

If an employee is inactivated in NS ERP by mistake or if an employee returns to active work after their record was inactivated, the best practice is to set them up as a new employee. See Setting up a New Employee.

Location and Working Hours Restrictions

Applies to NSPOS 2020.1.X and later.

You can set up employee location-restrictions in NetSuite ERP that limit where an associate can log in. Prior to NSPOS 2020.1.X, this feature was available only from an NSPOS register. You can also restrict access to only the working hours assigned to the employee’s normal shift.

Tip:

You can modify location and working hour assignments as needed.

Location Restrictions

You can limit the locations in which a cashier, sales associate, or other employee can log into an NSPOS register. By specifying the authorized locations, the employee will be unable to log in at other “unassigned” locations.

Multiple locations can be authorized, with the default for new and existing employees being “all locations.” Locations can be assigned using the employee record in NetSuite ERP or the management function in NSPOS. A store manager (Resource ID 9070) or administrator (Resource ID 9090) might use the NSPOS option to change location restrictions from an NSPOS register.

Warning:

If no location is set up for an employee, and they no longer have the “all locations” default, they cannot log in to any register in any location.

Important:

If a manager edits their own employee record and removes their access to the location from which they are currently logged in, they will be unable to log back in at that location.

If an employee must work another employee’s shift at a location to which they are not assigned, the store manager or administrator can use these steps to authorize the location to that employee.

To set up location restrictions in NetSuite:

  1. Log into NetSuite.

  2. Go to Lists > Employees > Employees.

  3. Click Edit for the employee to assign locations.

    Important:

    Although the default is “all locations,” if you Edit an employee record, you must set up their location restrictions.

  4. For Custom Form, select RA -Employee Form.

  5. On the RAPOS subtab, under Location Restriction, highlight one or more locations for which the employee should have access.

    This "restricts" the employee to only logging into NSPOS at those locations.

    Tip:

    Press the Ctrl key to select multiple locations. If no locations are highlighted, the employee can log into all locations.

    Location restriction setup

  6. Click Save.

    Note: After setting up a location restriction, there is a brief delay needed to synchronize the restriction between the replication server and NetSuite ERP.

Tip:

To review location assignments, click View on the employee’s record and open the Custom subtab.

Note:

If a location assigned to an employee is set to Inactive, viewing the employee’s record will still show the assignment. Editing the employee record will remove the assignment.

To set up location restrictions in NSPOS:

  1. Press Ctrl+F12 on the keyboard to open the Function List.

  2. Enter part of the employee’s name receipts in the search field.

  3. Tap the employee’s name.

  4. Under Location, tap the “binoculars” search icon.

    Tap the locations to which the employee should have logon access.

    Tip:

    To grant an employee access to all locations, highlight all locations.

    If your list of locations is large, enter search criteria at the top to display a specific location.

    Employee record in NSPOS

  5. Tap Done to close the location list.

  6. Tap Done to save the restriction assignments.

Important:

If a manager edits their own employee record in NSPOS and removes access to the location from which they are currently logged in, they will be unable to log back in at that location.

No Temporary Override for Locations

A location restriction cannot receive a temporary override. If an employee needs a temporary authorization, a manager or administrator can create a “new” employee and authorize them to the location.

If an employee must work another employee’s shift at a location to which they are not assigned, the store manager or administrator can use the previous steps to add the location.

Working Hour Restrictions

Use the NSPOS working hours feature to limit register access by the hours assigned to an employee’s shift. The option prevents an employee from logging in outside of those hours, and will automatically log off an employee when their working hours end. The employee is prompted on the register 15 minutes before they are logged off.

This feature is helpful for managing overtime hours and for preventing unauthorized access when a store is not open. The default for new and existing employees is no working hour restrictions.

Things to note:

  • Working hours run from 12:00 AM to 11:59 PM in the register location’s time zone

  • Working hours apply to all seven days of the week.

  • Working hours are set and can be viewed in NetSuite ERP

  • Working hours are not available for viewing from an NSPOS register

  • Working hours can be temporarily extended for up to 12 hours

Tip:

If a scheduled employee is not available for a shift, their substitute’s working hours can be extended. However, the substitute must be authorized to work in the location.

Important:

Working hours are set within a 24–hour period that starts and ends at midnight. You cannot using set up “night shift” hours that overlap the midnight transition.

At Working Hours Shift End

Prior to automatically logging off an employee, NSPOS verifies whether a transaction is open (in progress) on the register. This check is done to prevent data loss and to avoid impacting your business.

  • If a transaction is open, the log off is paused until immediately after the transaction is closed

  • If there are no open transactions, the log off occurs as expected

To set up working hours for an employee working in NSPOS:

  1. Log into NetSuite.

  2. Go to Lists > Employees > Employees.

  3. Find the desired employee and click Edit.

  4. For Custom Form, select RA -Employee Form.

    RA-Employee Form

  5. Open the RAPOS subtab.

    RAPOS subtab

  6. Check the Working Hours box.

  7. Enter the Shift Begin and Shift End times.

    Working hours apply to all seven days of the week.

    Important:

    An employee cannot log into NSPOS until their working hours begin. If an employee needs to log in before their shift to prepare the cash drawer or perform other register tasks, set their hours to begin at least 30 minutes early.

  8. Click Save.

Tip:

To review a working hours assignment, click View on the employee’s record and open the Custom subtab.

Extending a Working Hours Shift

When the employee receives a 15 minute log off alert, an option is provided for a store manager (Resource ID 9070) or administrator (Resource ID 9090) to extend their shift. A shift can be extended up to 12 hours and is entered in minutes, from 1 to 720. The default time to extend is 15 minutes.

If a shift will extend past midnight local time, a new extension must be entered when midnight is reached.

Lockouts after Invalid Sign-on Attempts

NSPOS will lock out an employee after five sign-on attempts that fail due to entering an incorrect password. This action blocks the employee’s access to the register. Administrators are responsible for unlocking accounts. See Unlock an Employee’s Account. Contact NetSuite Customer Support if you need more information or assistance.

Idle Time-outs

It is important that an NSPOS register not be left unattended with an employee logged into Sales Mode. Depending on the logged in Role and NSPOS release, the register will automatically switch to Closed Mode after a certain amount of time has passed without any input.

For till management using "Operator (Till) Accountability," an idle time-out is treated the same as choosing Lock, keeping the cashier logged in and their till restricted to use on that register only. See Register (Till) Accountability vs. Operator (Till) Accountability.

  • Idle Time-outs in NSPOS 2018.2.X:

    For the administrator role, a register left idle for 15 minutes will log the administrator off and switch to Closed Mode. Access to NSPOS from the register is denied until the administrator or other role signs on again.

    For all other roles, The register will not time out through NSPOS. Instead, Windows® screen-saver lock methods should be used to secure the register if it is left unattended.

  • Idle Time-outs in NSPOS 2019.1.X or later:

    For the administrator role, a register left idle for 15 minutes will log the administrator off and switch to Closed Mode. Access to NSPOS from the register is denied until an administrator or other role signs on again.

    For all other roles, administrators can set the desired idle time-out period. See Configuring Password Requirements by Role in NSPOS 2019.1.X or later and review the setup for Auto Lock Down Period in Minutes.

Related Topics

Company
Reports in NSPOS

General Notices