System security

A customer asked me about how secure their information is to access by unauthorized people through hacking.

It is not clear whether you mean (1) a customer of yours, that is, someone who buys goods or services from you and wants their buying history protected, (2) a client who obtains accounting services from you using Manager, or (3) someone who runs Manager on their own. Regardless, nobody can answer that question without a rigorous technical security analysis and audit of practices. It would depend on many factors, including:

  • The edition of Manager being used (desktop, server, or cloud)
  • Physical security measures involved in protecting the machine(s) Manager is run on
  • Rigorousness and adherance to password protections if using server or cloud editions
  • Network security measures for the server if using the server edition
  • Whether the customer is a user defined on your system or account or a standalone user with their own system or account
  • Backup practices and locations
  • Storage location and security measures for your application data folder

These days, everyone should assume that digital records are vulnerable to a determined hacker, no matter what protections are in place.

I am answered. I meant a client whom I do accounting consulting for. I have recommended him to go on cloud version but he is worried about how safe is the business information on internet. Thanks.

Manager will eventually be introducing MFA. This will address the main security concern.

Otherwise I would recommend the Server edition where you can implement IP restriction, which is what I do for my Server Manager. However IP address restrictions may not work for your client if he needs to access Manager from anywhere.

But essentially IP whitelisting and MFA are the two options your client needs to look at.

1 Like