Managing User Permissions in QuickBooks Online to Enhance Security
Updated: Sep 9, 2022
Does more than one person need to access your QuickBooks Online file? Learn how to add new users without compromising your company's security.
Your QuickBooks Online file contains a great deal of confidential information, including customer credit cards and employee Social Security numbers. While it's likely you trust your employees with this information, there are safeguards you can--and should--put into effect. These include tailoring your employees' permissions in QuickBooks Online so they can only see precisely what they need to in order to do their job effectively and nothing more.
Adding a New User
Let's explore the different roles a user can have. If you need to set-up a new user, click the gear icon in the upper right and select Manage Users. Your name should be listed as Master Administrator already. To add a new user, click Add User. The screen that opens will ask you what type of user you’re adding. There are four options to choose from:
Standard User: this user can have full or limited access, but they won’t have administrator privileges.
Company Admin: At this level, the user can see and do everything.
Reports Only: This user has access to all reports, except those that contain payroll or contact information.
Time Tracking Only: This role is usually assigned to employees who only need to access QuickBooks Online in order to enter their own timesheets.
The first two options (Standard User and Company Admin) count toward your user limit, but the second two options do not. Select the desired user type and click Next. We’ll select the Standard User in this example.
On the screen that opens, you’ll assign access rights, telling QuickBooks Online what the User’s restrictions are. You can choose All (with or without payroll access), None (allows some activities), or Limited. Select Limited, then check the box in front of Customer. You’ll see the list of specific actions that the individual can take--like creating invoices, sales receipts, and statements--and the screens that they can see: customer registers and reports, tax rates and agency settings, etc.
There’s also a list of what they can’t do: print checks, view bank registers, and prepare a sales tax return.
Let's try something else. Uncheck the box in front of Customer and select Vendor instead. You’ll see a list populate that looks similar to the one we just viewed, except that the activities now relate to your accounts payable. See the clipping below:
Click Next if the user will be entering their own timesheets in QuickBooks Online. Click the button in front of Yes, then select the correct name from the drop-down list. Click Next. Answer the User Settings questions on the next screen and click Next. Enter the User’s name and email address (this will be their user ID) and click Save. QuickBooks Online will now return you to the Manage Users screen, where you’ll see that your new user has just been added to the list. This new user will receive an email invitation to set up their account, plus instructions on how to do so.
Need Greater Customization for Your User Permissions?
If the User Permission options mentioned above are not comprehensive enough for your company's needs, contact Account Ability Consulting about the benefits of upgrading to QuickBooks Online Advanced. Among a suite of robust features offered, QBO Advanced allows you to quickly put the right information in the right hands with custom user roles. Create custom permissions for deposits, sales, and more.
Other Security Tips
There are other ways you can keep your company’s data safe. Below are some best practices to consider implementing to improve your security:
Always update your operating system and applications when prompted. These updates often contain security patches along with bug fixes and new features.
Keep backups secure. Cloud backups are ideal, but if you use a local device, make sure it's not easily accessible.
Don't leave QBO unattended. Log out of QuickBooks Online whenever you’re away from your desk.
Secure QBO Printouts. Store printouts in a locked container as long as you need to access them and shred when no longer necessary.
Protect your networks. Discourage excessive web browsing by employees. Don’t allow extraneous app downloading on company equipment and ask employees not to use company mobile devices on public networks. Consider network monitoring software if you can’t afford managed IT.
We follow security best practices in our own offices, and we hope you’ll do the same in yours. Proactively applying safeguards will help prevent data theft that can be detrimental to your and your clients' businesses. If you have any questi