Click on the screenshot to enlarge it
With a few exceptions (the One Time Links feature being one of them), everyone who uses SideOffice must log in. Every login is recorded, so it is clear to an administrator who is using SideOffice and who is not.
The system also supports Two-Factor authentication - that's the same system used by many banks. That approach requires that your users install Google Authenticator on their phones, and type in a single-use code every time they log in.
Once logged in, the pages and features a user can get to are controlled by their Privilege Level and Areas. These are set when a user is created by a level 15 user, and can be changed at any time. Consequently, it is easy to create users who, for example, may view, but not edit any record.