Best Security Practices for QuickBooks Point of Sale/QuickBooks Financials

  • QuickBooks Point of Sale Desktop should be configured to require the software to be logged into and not allow unauthenticated access to it.
  • Every employee who uses QuickBooks Point of Sale Desktop needs to have their own user account in QuickBooks Point of Sale Desktop that they use to log into and use the software. By having individual user accounts in QuickBooks Point of Sale Desktop for all employees, it is easier to track employee usage of the software for auditing purposes.
  • Only give the users in QuickBooks Point of Sale Desktop the least amount of security rights as they need to perform their job duties. This will prevent employees from accessing other areas of the application that they do not need to.  QuickBooks Point of Sale Desktop has 4 predefined security groups that can be modified or copied.  You have the ability to create your own security groups either from scratch or from an existing security group.
  • Create a security group in QuickBooks Point of Sale Desktop that has no rights to the application. When an employee leaves, reassign their user account in QuickBooks Point of Sale Desktop to the security group with no rights.  This will allow you to keep their user account for auditing purposes, but not allow the user to have any rights to using the software at all.
  • Configure QuickBooks Point of Sale Desktop at a workstation level to automatically log users out after a specific period of inactivity (ie:5 minutes). This will help prevent unauthorized access to the application.
  • Configure QuickBooks Point of Sale Desktop to log the user out of the software after every sale has been completed. This will help prevent unauthorized access to the application.
  • Configure the workstation(s) to remember the last four passwords used so that an employee is not able to reuse the same password over and over again.
  • If you suspect a security breach by a specific user/employee, you should either disable their account(s), change the password for their account(s), or delete their accounts. This will block further access to your data by the user/employee while you have an opportunity to investigate the suspected breach.
  • When an employee leaves your company, disable their account immediately by deleting the employee record so that no further access to your data through that user name and password is possible (if you wish to keep the employee record, change their password and reassign them to a security group with no rights).
  • If you use our managed Bitdefender antivirus and firewall service, please click on the following link to read our article on how to check the status of the service and your scans that are being performed.
  • If you use our offsite backup services, please click on the following link to read our article on how you can check to make sure that your backups for either QBPOS Desktop or QuickBooks Financials are being performed on a daily basis.
  • To learn about best practices for keeping your computers and network protected, click here.
Have more questions? Submit a request

0 Comments

Article is closed for comments.
Powered by Zendesk