Data Security and Cloud Accounting – Is it Safe to Store my Financial Data in the Cloud?

What you need to know about online data security

A question I get a lot from potential clients and their accountants (we’re a cautious bunch!) is how safe is data that is stored online or “in the cloud”?

In this edition I thought I would address data security across the platforms that I use, and define some common terms and acronyms.

Physical security – much easier for most of us to understand!

The QuickBooks and Hubdoc servers have 24 – 7 security with full time security staff, video surveillance, and alarms to prevent high-tech breaches.  Secure power supplies and back up generators, as well as complex smoke and flood detection and fire suppression systems protect your information.  Hubdoc also has a military-grade passcard system that complies with national and international industry standards.

What is SSL and TLS Security

In order to communicate financial data using QuickBooks or Hubdoc, SSL or TLS security is used.  SSL is an acronym for “Secure Sockets Layer”, a standard security technology for establishing an encrypted link between a server and a client.  It allows sensitive information such as credit card numbers, social security numbers, and login credentials to be transmitted securely.  If this data was sent in plain text it could be vulnerable to eavesdropping, an attacker may be able to intercept and use that information.  TLS “Transport Layer Security”, is an even stronger version of SSL which comprises two layers of security.

When two sites have SSL or TLS certification there is a key pair – both public and private.  These keys work together to establish an encrypted connection, and when the identification is confirmed the encrypted data is communicated to the web server.  You can identify a site with SSL security as the url will begin with  https, as opposed to http.

PCI compliant credit card transactions

PCI compliant refers to “payment card industry data security standard”; a set of security standards designed to ensure that all companies that accept, process, store or transmit credit card information maintain a secure environment.  This takes certification a step further than SSL or TLS by also ensuring the website operators are a legitimate, legally accountable organization.

Your data is safe with us!

MyQuickBookKeeping.com has an SSL certificate, and all payment processing is done through stripe.  Stripe is PCI compliant and uses TLS.  None of your payment information is collected or stored on the site.  It is sent in encrypted form to Stripe.  If you sign up for a QuickBooks subscription, and want to take advantage of the special Hubdoc offer, you have to enter your information all over again!  It is annoying, but keeps your information safe.

What can YOU do to ensure your data is safe at home and in the office?

Having established that your data is both safe while stored in the cloud, and safe during communication we can now consider the advantages to you, and your business, and the additional steps you can take to ensure all of your information is safe.

The number one piece of advice – always back up the data on your computer – is completely taken care of with QuickBooks online!  You can cross this one off your list.  If anything happens to your system, you can instantly access your data from any computer connected to the internet.  One less thing to worry about should you encounter a natural disaster, the inconvenience of theft, or a hard drive crash!

1. Be sure your antivirus software is up to date.
2. Disable automatic login or autofilled passwords in your browser so a thief will be unable to access your information.
3. Use a strong password. This link has great guidelines:  https://support.google.com/accounts/answer/32040?hl=en
4. Be aware of phishing practices – do not respond to a request for personal information without being absolutely certain that it is legitimate.
5. Log off when you are finished using any site that contains personal information.
6. Within QuickBooks Online be sure to define the permission levels that limit the access privileges of each user. You control who accesses your data and what they can see and do.
7. QuickBooks Online also has a complete record of all activities carried out. You can track all changes using the Activity Log and Audit Trail.

With the added bonus of complete backups and secure storage communication you can rest assured that your data is safe, and available should there be a fire or flood in your home or office, or if you are the victim of theft.

Visit MyQuickBookKeeping.com to sign up for QuickBooks Online or Hubdoc today.  You will have access to how to videos, information blogs, and for a limited time, six months of Hubdoc free.

If you have questions you can schedule a free consultation to determine if QuickBooks online is a good fit for you and your business.

What steps do you take to maintain data security – which are you weakest links?  I would love to hear – comment below

References:

https://quickbooks.intuit.ca/about-intuit-canada/info/security/

http://hubdoc.com/security-policy

https://www.digicert.com/ssl.htm

https://stripe.com/docs/security