Your QuickBooks company file probably contains incredibly sensitive information, including customers’ credit card numbers and employees’ Social Security numbers. If a hacker or other unauthorized user gained access to that data, it could create huge problems for your company and those whose sensitive data is saved on your computer.
This type of security breach represents the worst-case scenario. But other situations involving loss of company data through fraud, hacking, or technical failures also can spell disaster for your business. And whether someone steals this sensitive data or it becomes inaccessible for another reason, losing it could have serious consequences for your business.
But there are steps to take that can protect sensitive data and stop security breaches.
Internal safeguards
No business owner wants to believe that employees could commit fraud, but it happens. Internal threats are a real concern. Your company file contains credit card and account data that could be hacked and used illegally, but you can restrict user access to specific areas and actions within QuickBooks.
You can limit your employees’ access to certain areas and activities within QuickBooks.
To get started, open the Company menu and choose Set Up Users and Passwords | Set Up Users. The User List window opens. It should have at least one entry there, for you as the administrator. Click Add User and enter a designated employee’s name and password in the next window that opens; then click Next.
On the next page of this wizard, click the button in front of Selected Areas of QuickBooks. The following screens will let you indicate that employee’s access permissions in areas like Sales and Accounts Receivable, Inventory, and Payroll and Employees. When you’ve clicked through every screen and reviewed the summary, click Finish. That user will now be able to sign in and access the areas you specified.
One tip to keep in mind: Your QuickBooks license limits you to a specified number of users. If you’re not sure how many you’re allowed, click F2 to open the Product Information page. The number of user licenses you’ve paid for appears in the upper left.
You can also take other steps to keep your QuickBooks data safe. If your company has an IT expert or team, they will probably handle the big-picture data security issues. But there are a few other measures you can take on your own.
Keep your operating system and applications updated
Don’t ignore this dialog box.
Software companies’ updates offer more than new features and bug fixes. They sometimes refresh your software to ensure greater security based on the latest threats. Don’t forget to update your antivirus and anti-malware applications, along with QuickBooks itself.
Keep your networks safe
Just as a cold virus can spread around your office, so can unwanted intrusions like computer viruses. Don’t let an electronic epidemic get started at your business; you can take these proactive steps to help minimize risk:
Discourage employees from excessive web browsing: This rule can be difficult because some of your employees might need internet access for research, timecard entry, and other work-related tasks. Create a firm policy that details what your staff can and can’t do on company-issued equipment (including tablets and smartphones) or any personal devices that use your wireless network.
Ask employees to avoid using public networks on work equipment: Strictly enforce these rules and make compliance an element of routine performance evaluations. Best Practice: Don’t use public Wi-Fi networks – period.
Minimize app installations on business smartphones: Employees should be required to get approval before installing apps. Viruses and malware can infiltrate your systems through apps, as well as through websites and email attachments.
Use monitoring software: If you don’t have a “managed IT” (à la carte, third-party IT service) provider, install an application that can alert you when problems arise.
For even stronger security with QuickBooks Online, we recommend adding multifactor authentication for every user.
Use common sense and be cautious
You can fight data loss and theft by exercising caution:
- Be diligent about creating backups. If you create them on a local, portable device, don’t leave them in the office. Cloud-based solutions are a more secure option.
- Shred papers that contain sensitive information.
- Log out of QuickBooks when you’re not using it and when you leave the office.
- Be aware of those around you potentially looking over your shoulder.
We take data security seriously in our own company, and we strongly encourage you to emphasize its importance in your business as well. Contact us if you have questions about how to best secure sensitive data in your QuickBooks company file, or if you’d like assistance minimizing data security risks in general.
If you’re considering managed IT services, contact our affiliate, Kraft Technology Group, at 615-782-4254 to discuss your business’s specific technology needs.
KraftCPAs can help.
Call us at 615-242-7351 or complete the form below to connect with an advisor.