Most businesses today opt for cloud accounting. The benefit is clear – access by anyone, anywhere, anytime. However, that benefit brings with it, the greatest risk – the security of your data.
Normally, access to your data involves one or more of :
- User name
- Password
- Security questions
- Two factor authentication 2FA – also called One Time Code OTC
- Invitations
The user name is usually your email address. It’s fairly easy to get hold of or guess. You can increase your security by using an alias email – so instead of smithj@abc.com.au use 4ls9&e@abc.com.au or create a new gmail account for 4ls9&e@gmail.com. These email addresses can be set up to automatically forward to smithj@abc.com.au so you won’t miss out on important news. When you log on, do not tick “Remember Me” box.
Most recommendations for passwords are at least 8 characters including lower and upper case letters, numbers and symbols. An idea is to use the 1st characters of a song or saying or a line from Shakespeare. Try this one – 2b0n2bTIT? Hard to guess but easy to remember.
5 minutes on ancestry.com and your mother’s maiden name and birth date are revealed. So use security questions that are not founded in fact eg your favourite teacher (don’t say you didn’t have one), your favourite holiday spot.
Two Factor Authentications (2FA) are sent to you by text or email or generated by authenticators on your phone and are probably the best security. Though not so good if you can’t find your phone. Mostly, 2FAs are tied to only one phone or email address so each user ends up with their own log on.
Every time you, as the business owner, send an invitation to add a new user, control over access to your data is weakened. To maintain control, set up the account for the new user. The fewer users the better and de-activate ex-users promptly.
In future blogs, we stay on security of data and discuss technical aspects and backing up your data.