In our last newsletter, we asked our readers about what topics they had the most questions about and we shared those questions with our technical team. This month is about online bookkeeping programs.
Reader Question: Online bookkeeping programs – how secure are they? What is the probability of someone hacking into your personal or business information through them vs. the probability of a desktop bookkeeping solution? Are there minimum security requirements across the board for online bookkeeping providers and, if so, are they realistic and effective at protecting information?
Ask the Engineer Response:
Software that you run online or through your desktop is vulnerable to security threats, so the real question is, “Is online software more secure than desktop software”?
For most SMBs, the answer is yes. To understand why, we’ve compiled some information about all the vulnerabilities of using software.
Desktop software vulnerabilities are all located in one place, on your desktop or laptop. This is your point of access for everything; the point of storage for your accounting software, your data files, and your point of connection to the internet.
Sadly, many businesses don’t realize the importance of security. From technical measures such as anti-virus and firewalls to physical means such as locked doors and anti-theft cable solutions. Businesses also spend little or no time/money on educating their staff about best security practices.
Your office computer is faced with a greater range of internet-based attacks than online software would. Keep in mind that it is also much more susceptible to physical dangers such as fire, flood or theft.
If an emergency does happen, do you have a game plan to restore your software? Probably not, according to most SMBs. Backup is treated as an afterthought for many businesses, but this process could save you many hours or days when you need to return to full operation. Check out our other article to read more about backups, disaster recovery, and business continuity – Fire is a Real Threat.
Online software points of vulnerability are shared between the vendor and the user. It is still the user’s responsibility to secure the point of access while viewing the software though.
The good news is that the storage of the accounting software and the data file is not the user’s responsibility, but the vendor’s. These software companies have enterprise grade data centers with highly advanced defenses that run your online software.
Behind the scenes at one of these data centers would make any SMB server room look like a kid’s playroom. The facility would be protected by guards while access would be regulated by key cards, fingerprint recognition, and iris scanners. There would also be a physical protection system that would include firefighting defenses, generators in case of blackouts, and flood resistant areas.
These data centers would have numerous, lightning fast high-speed internet connections. Their networks would be protected around the clock by current security technologies with a team of IT security specialists.
Online software companies store your data on the same server as hundreds of other businesses, so there is also security in anonymity. If a server fails it can automatically push your data onto another server. You can imagine the detailed backup procedures that these companies have in case a software bug causes a crash. The best known online software programs only have several hours of downtime in a whole year.
No matter what the threat is, going with online software is usually a safer bet than a desktop program. Hackers are intelligent and have sophisticated methods for penetrating files. They have two main ways of hacking into online software from the user’s computer. One is a password guessing program that cycles through billions of sequences until they get a match. Otherwise, they nose around on a network until they can grab a password that passes between the desktop and the data center. The most successful forms of hacking have nothing to do with online software itself. The weakest link in the chain is usually the user.
But, these advanced attacks are practically impossible against online accounting software that’s distributed by mainstream vendors.
You can minimize the risk of a breach by:
- Using a complicated password and keeping it somewhere secure.
- A password manager is great for storing difficult passwords.
- You should never, ever reveal your password. If someone asks, there’s a good chance they don’t have the best intentions.
- Don’t use public computers, stick with your own laptop or computer.
- As tempting as it is, don’t use public wifi networks. These public wifi networks can be compromised.
For more information, please contact our engineers at 888-98-THINK.