We spend a lot of time talking about why you should ditch spreadsheets in favor of an accounting app — automating, error-proofing, scalable, saves you time and money — but we don’t touch on enough on the topic of security. Which is more secure — book-based bookkeeping, Microsoft Excel, downloaded accounting software like Quickbooks, or the trendy cloud-based accounting? They each have different pros and cons Today we look to weigh the risks versus the benefits of using an accounting app to manage the day-to-day of your small business in the cloud.
How do you know if an accounting app is secure?
Considering you’re putting your business’ most private information far outside the walls of your office and having it stored on a server you have no control over, there’s of course reason for your concern. We start off by walking you through how to decide if your potential accounting software is truly secure.
Like you probably do with all important purchases, when searching for a new accounting software, first Google it. You want to look for accounting apps that make data security a priority. Check, is security something they list on the main features of their website? That at least gives you a hint to their priorities.
Next, read the fine print.
- How long are they going to hold onto your data for?
- Are they going to be in business for the long run?
- Check for a service level agreement and/or an uptime agreement.
- How will they be storing your data?
- How often do they back up their servers?
All this information should be clear — it should be on their website, but if not the sales or support reps should be well-versed in this information.
But then of course don’t just trust their marketing teams. Check with respectable sources like the Better Business Bureau for security ratings.
Then check out user reviews about their experience with each app you consider. Just like bugs are a red flag in a hotel review, they are even more important to an app review.
Next, once these basic needs are met (which you should probably, by the way, make sure are met for all things you A. Give your credit card information to or B. Give personal information to,) it’s time to check if your accounting app is locally and, if you plan to have a worldly biz, internationally compliant.
HIPAA, DCAA… the list goes on. Whether you are a small business using an accounting software to manage your billing and payroll, a CPA, an SMB using a CPA, or a start-up that has government or big-ticket clients, your compliancy requirements will be different. It’s up to you to understand the specific requirements based on your location, sector, customers and more. Then the easiest way to find out if your prospective accounting software meets that criteria is simply to ask. Via email. So you have a savable paper trail later to prove your due diligence in this matter.
Tricks to make your accounting app more secure
When all is said and done, even the most savvy small business is probably using some sort of amalgamation of real books, Excel, apps and even legacy account software. This means you can have some sort of amalgamation of security risks as well.
With passwords like QWERTY and 123456, there’s an even more decreased level of security for anything involving the Internet. It’s up to you to educate your employees about complex passwords and other seemingly no-brainer security prevention.
Consider making backups of all client and accounting information on your company’s own server.
Make sure you and your office mates keep your browsers up to date. The security of an accounting app is only as secure as the window and computer it’s being run on.
And beware of BYOD. By allowing your staff to Bring Your Own mobile Device to work, you may be saving money, but causing a long-term risk. If a staff member’s laptop or smartphone gets stolen, you had better have a way to manually and quickly wipe that device or to or change log-in information immediately. And then you have to communicate the policy if something bad should happen, who your employee should call as soon as possible. Nowadays companies not only need fire drills (though we know no one does them) but needs a BYOD drill too.
Accounting software that prioritize security
We did our research and found these specific accounting apps have a reputation and prioritization of security. What, they are the same old accounting apps you always hear of? That’s probably because they’ve been on the market for a while and have built a reputation of reliability and security. This also means that these seven accounting apps have nearly the same security procedures and policies and meet the same standards of compliance. Below we work to highlight the differences between them and to illustrate which security aspects they choose to focus on.
When you are talking about a huge cloud-based platform like Salesforce or Netsuite, you can pretty much guarantee it can be trusted — if hundreds of thousands of folks use it, why shouldn’t you too? A benefit of a complete financial, accounting and resource planning platform like NetSuite OneWorld is that all of its integrations are held by the same security standards and don’t involve you opening yourself up to risks by authorizing other apps to gain access information from your accounting software. It also offers role-based security so you can make sure who has access to what information.
Remember when we talked about how you should start off by checking out the accounting app’s website to see if security is a true priority? And then we just said in the app above about how we like underdogs, trusted brands are almost certain to be the safest. FinancialForce is both. It is part of the trusted Salesforce platform. And FinancialForce’s Code of Trust is just a message of pure confidence in its ability to guarantee security, long-term availability — a company with more than 100,000 customers isn’t going to close soon — and application processing integrity.
Prominently on the Xero website is found the phrase: “Our software has never been breached and we have never lost any customer data.” That’s a bold declaration that pretty much says it all. Xero is the first to say what it’s doing with the millions of dollars in investments it receives each year — putting it right back into security and infrastructure. And, like the WordPress I’m drafting this piece on, it idiot-proofs your office a bit by requiring complex and secure passwords.
Zoho may have a silly name but that might be why we recognize it as THE name in freelance and small business app suites. Zoho takes a fourfold approach to its security across its many apps: physical security, network security, people processes, and redundancy and continuity. They don’t even just publicly address the backups of data but what they are doing on-site with their server hardware, including cooling and power backups. Like the ones above, they throw it back to the customer, trying to remind you that you too are responsible for your business’ online security.
FreshBooks’ on-website messaging about security is really formulaic. They cover the bases that really any app should have on its webpage: SSL, firewalls, encryptions, redundant servers, and backups. There’s no doubt that FreshBooks is a trusted name in accounting software. But it simply doesn’t make at least the same marketing or content effort to prove it.
Of all the accounting apps mentioned, Intacct goes out of its way to make sure its customers are thinking about security and offer the most concrete guarantees. One of the concerns about testing out a new app with your small business’ essential information is that, well, the company might go under. Intacct has 12 years under its belt and offers very specific promises — of 99.8 percent or higher availability of the app, of being back up 24 hours after a natural disaster, 24-7-365 tech support and system monitoring. It might be just great marketing, but by holding yourself up to specifically stated standards, you offer the perception that you will meet them (or risk highly public ridicule and destruction.)
This article was written by GetApp from Business2Community and was legally licensed through the NewsCred publisher network.