more-arw search

Q&A Forum

Securing access to sensitive online financial accounts

How do you contain the exposure of granting online account access to service providers. Accounting temps, PEOs, financial BPOs etc? Let's say outsourced teams need access to banking portal, accounting systems, payroll service etc? I"m particularly thinking of browser accessed (or cloud) apps.

Answers

Topic Expert
Wayne Spivak
Title: President & CFO
Company: SBAConsulting.com
LinkedIn Profile
(President & CFO, SBAConsulting.com) |

Many of these apps have granular permission levels. Speak with the vendor on how to limit access.

Also, don't forget to have these people sign NDA's (at least it gives you a leg up in a law suit).

Anonymous User
Title: CFO
Company: Local Government Agency
(CFO, Local Government Agency) |

Your IT department should be able to help. Ours has set up online access for specific consultants/vendors that restricts their entry to the portion of our intranet that is specific to the software that they need access to in the first place. They can't get into any other area of our network.

They set up a VPN to come through the main firewall. But then, their ability to access and/or change any software is limited to the particular application they are authorized to work on.

On the other hand, I and one other exec have network administrative privileges and access to all areas of our intranet. The caveat is, any of our access and activities are logged by the system. And, as a matter of data security, if I were to resign tomorrow, my privileges would be instantly revoked for access from the outside.

Things like temps are provided with limited, network access via password and restricted privileges and nothing coming from the outside.

Jim Torpey
Title: VP of Sales & Biz Dev.
Company: InsynQ
(VP of Sales & Biz Dev., InsynQ) |

It depends on the type of online service, application or cloud computing technology you are using. Some online (SaaS) apps give you the ability to add temp users and limit/restrict what they can do or access.

When it comes to financial data, some cloud computing providers can offer tiered permission structures, which also allow you to control or restrict access. For example, a CPA can set permissions so that two different bookkeepers can only access the client files they need to work on. At the same time, the CPA can access client files and software associated with with all of their clients.

In any case, it comes down to the technology you are using. And depending on what that is, you may find a variety of terms associated with this ability..."Account Permissions", "Portal Control", "User Access Level", etc.

952 views
Topics

Get Free Membership

By signing up, you will receive emails from Proformative regarding Proformative programs, events, community news and activity. You can withdraw your consent at any time. Contact Us.

Business Exchange

Browse the Business Exchange to find information, resources and peer reviews to help you select the right solution for your business.

Learn more

Contribute to Community

If you’re interested in learning more about contributing to your Proformative community, we have many ways for you to get involved. Please email content@proformative.com to learn more about becoming a speaker or contributing to the blogs/Q&A Forum.