Your QuickBooks company file is possibly the most important element of your business. Keep it safe from fraud and intrusions by following the best practices outlined in this article.
In an increasingly digital world, it becomes more important every day to protect your sensitive information, especially that which is critical to the operation of your business. The last thing you need is to have your accounting data compromised or stolen. Worse yet, for the same thing to happen to your clients or customers as a result of your own data breach. There are numerous steps you can take to protect yourself from threats, both internal and external. With a combination of common-sense practices, strong company policies, and safeguards offered by QuickBooks itself, you safeguard your business against data theft or destruction. Let's take a look at what you can do to protect your business's data. Keep Your Systems Safe Maintaining the integrity of your computer's operating system sounds like a common-sense precaution, but it's also one of the best ways to protect your data. Safeguard all of the applications and information you have stored on your computer with security software from a reputable antivirus/anti-malware company. For passwords, consider using a password generator to keep your passwords strong, use dual-authentication wherever you can, and store this information in a secure place. Additionally, QuickBooks Desktop will prompt you to change your password every 90 days. While this may feel like a nuisance, it's an important safeguard to protecting your data.
You can set up automatic updates in QuickBooks to download and install new functionality and bug fixes. Updates and Backup
QuickBooks’ own updates are critical, too. You can start these manually, but we recommend setting up automatic updates. Open the Help menu and click on Update QuickBooks Desktop. Click the Options tab to access this tool. Frequent, safely-stored backups are another essential element of overall data security. There's a saying in IT that "Two is one and one is none," meaning that if you only have one copy of something, you have zero copies if something goes awry. If your system is compromised by an intruder, you’ll need to be able to restore your most recent QuickBooks file when it’s safe again. Go to File | Back Up Company to set up either a local or an online backup. Use one of these tools at the end of any day you’ve entered anything on QuickBooks. We can help you with backup if you’re not sure how to do it. Networks and Smartphones If you have multiple PCs that run on a network, it’s important to maintain that system’s health, too, since an intrusion at one workstation can affect everyone. You can do this by:
Discouraging employees from browsing the web excessively and downloading unnecessary or unapproved software.
Educating employees about handling emails responsibly (no clicking on unknown attachments, no personal email on work computers, checking the email address of a sender, hovering over links embedded into the email before clicking them, etc.)
Installing network monitoring software or hiring a managed IT service that only charges when you need them.
Do your employees have company-issued smartphones? Make sure their security systems are sound. Set policies to protect them. For example, tell employees they should never use them on a public Wi-Fi network or install personal apps. Internal Fraud Possible No business owner anticipates that their own employees would steal from them. But it happens, and it can do tremendous financial damage. To minimize your chances of being victimized, limit the access that employees have to sensitive information in QuickBooks Desktop.
You can limit the access permissions each user has in multiple areas. Go to Company | Set Up Users and Passwords, then click Set Up Users. You should be listed there as the Admin. Click Add User and supply a username and password. If you’re not sure how many users are supported on your license or need to add more, contact us. Click Next and then click the button in front of Selected areas of QuickBooks. Click Next again. On the next several screens, you’ll designate this user’s access in areas including Purchases and Accounts Payable and Checking and Credit Cards. When you come to the end of the wizard, click Finish. You might also consider running a background check when you hire someone who will have access to QuickBooks. It’s becoming an increasingly common business practice. QuickBooks provides additional tools that can be helpful in tracking down suspicious activity. For example, you can view the Audit Trail by going to Reports | Accountant & Taxes | Audit Trail. This report displays a comprehensive list of transactions that have been entered and/or modified. There are other reports that may be helpful, too, like Missing Checks, Voided/Deleted Transactions, and Purchases By Vendor. Checking these reports on a regular basis will help you detect internal fraud quickly and mitigate any damage done. A Never-Ending Process With all the balls you must juggle on a day-to-day basis to keep your business operational, it can be easy to get too caught up and forget to take the steps required to keep your QuickBooks data—and all of your computer hardware and software, for that matter—safe. Further, you might think your business isn't large or important enough to be targeted by fraudsters and hackers, but this is exactly what cybercriminals expect you to think, and why you could be just as likely a target as a large corporation. Whether or not criminals gain access to your funds, they can do a lot of damage with sensitive information that will end up costing you more time and money than you might think. Stay vigilant, apply best practices, and schedule a regular cadence of security checks to mitigate risk. Security should be considered whenever you deal with financial transactions – especially where the internet is involved. If we can be of assistance as you set up safeguards and company policies, let us know. As always, we’re available to answer any questions you might have about QuickBooks operations in general.