Guide to QuickBooks Online Security

in category: Accounting | Automation

Compared to the real world, the internet is a level playing field for business owners, where opportunities often reserved for the big corporations are open to smaller players. The universality of the web has been a major factor in its exponential growth in a relatively short period of time. However, the ease of use and availability of the internet comes at a price. There is one issue that all users – whether a VP of a large company or an online florist or just a Facebook user – have to worry about all the time: cybersecurity.

Of course, in real life, people can rob your store and steal from the cash register. But there is something deeply unsettling about the idea that a person sitting behind a computer can wreak havoc on your business and essentially turn your life upside down. In medieval times such a person would have been called a witch. Today we call them hackers.

If even part of your business operations involves online activity and you have not actively taken steps to ensure cybersecurity, chances are that you are vulnerable to attacks from all sorts of criminals, starting from the petty thief who siphons off a little bit of cash to the big-time crook who can steal your identity and shut you down.


What You Can Do

Even though the internet is perhaps a lot more egalitarian than the real world, the resources that a business can muster are definitely a major factor in cybersecurity. Larger companies can afford to pay hackers to detect flaws in their systems, and security analysts to fix them. While this does mean that big players have an edge, there is definitely a lot that small business owners can do to ensure better security, especially compared to what they are doing now.

In 45% of small businesses, employees do not receive any training on Internet security. This leaves the business vulnerable to attacks, since a careless employee can probably do as much damage as one with criminal intent. Internet safety does not require everyone to be tech-savvy, but owners should ensure that employees receive at least some training before being allowed access to the digitized systems.

There should also be a formal security policy that seeks to protect sensitive information about the business and clients. Surveys show that 77% of small businesses do not have such a policy, so there is a lot to be done in this area. Being proactive can make all the difference in the world in cybersecurity. It is definitely a much wiser path than sitting and waiting for criminals to make a move.


The Risks and Requirements

Cybersecurity spans methods of dealing with threats from both outside and inside the organization. A skilled hacker sitting thousands of miles away can do as much damage as an employee stealing information directly from the computers. If the two are linked, it can be even worse.

For businesses, often the biggest threat comes from the possibility of corporate espionage. Sensitive information about the business can provide competitors with an unfair advantage by giving them knowledge about the internal workings of the business. For instance, if company B knew in advance the release date of a certain product of company A, it could push up the release of a similar product and occupy the market before company A has a chance.

There is also the issue of money. Yes, electronic money can also be stolen, just like plain old cash. To prevent this, it is not enough to merely restrict access to the money. In a business, many people must have access to the company’s accounts if they are to do their jobs, and even more will need access to financial records. So there must be active oversight on financial transactions to ensure than wrongdoings do not happen and, even if they do, aren’t covered up.

Cybersecurity is an issue that businesses of varying sizes need to be concerned about. There is no reason to believe that a small business would suffer less than a large one. But big businesses can afford to spend more resources on cybersecurity. Therefore, small business owners need a cost-effective solution for ensuring security, especially for their online operations. And to make operations secure without interrupting the day-to-day activities, the solution should ideally be embedded in the platform, such as Quickbooks Online, rather than being a third-party service. This will ensure maximum compatibility and security.


Quickbooks Online Security Settings

Small business owners can take advantage of the security features of Quickbooks Online, which provides users with a simple yet effective model of cybersecurity.

Firstly, you have the ability to determine what a user is and is not allowed to do, based on their role in the business. This limits the number of people who can potentially tamper with important data, without taking away the advantages of online access altogether. For example, an employee who only needs to fill out time sheets can be allowed to just that without giving access to other parts, by selecting “Time Tracking only” when choosing the user type. If you wish greater flexibility, you can choose “Regular or custom user” which lets you decide which areas of QBO the user can access.

QBO_manage users

QBO_user access_part 1

QBO let’s you specify the user’s access and administrative rights, as shown below.

QBO_user administrative ability_part 2

QBO_user admin rights_part 3

Last but not least, you can have an overview of account activities through the audit logs. This feature lets you view all the transactions – however small – and link them to the relevant user accounts. This makes it easier to detect unexpected actions and ask explanations for them, and should act as a deterrant for people with criminal intentions.

QBO_Audit Logs