Finance, Security and Dual Authentication Part 2: The solution

Date
14 April

Author
Jamie Allen

As a follow-up to my previous article on security and dual authentication, I promised to share some of the ways in which we help accountants and businesses navigate their way through the issues of providing secure cloud systems to their clients so they can collaborate more easily. In short, many system providers are moving towards obligatory requirements to set up dual authentication apps to access their systems. It is a sensible and necessary move to ensure hackers cannot guess passwords and access your data.

But taking this forward, businesses will have many systems and API integrations to implement dual-authentication for and having dozens of codes and passwords is likely to cause a headache so we believe businesses and accountants need to be aware of this change early on.

For those of you familiar with our service, you will be aware we have a single sign-on (SSO)/portal which our clients use to access the systems we integrate for them. This means we have 1 strict requirement; you must have 1 memorable strong password to access our portal and consequently, the other system credentials we store in here. There are also enforced restrictions on setting this password with capitals, lower case, numbers, and special characters. We also do not allow your computer to remember this password (no keychains allowed). It must be typed.

Once you are logged in, you will be presented with your own personal dashboard of apps that you use, and we have links into 100s of cloud-based systems and can add more on request. All you need to do to access a system is put in the username and password within a “widget” or tile once and the system will remember and encrypt these credentials (see below).

If we can set credentials and manage this for you, we will create a password of the maximum complexity possible in these systems and then delete the password as it is no longer needed once entered in the SSO. If we cannot set it for you, we would ask you to do the same. You can google a strong password creator, set your parameters and we encourage a minimum of 13 characters with variations (lower/upper case, numbers, special characters).

Now you might say, “Ok, that is all well and good, but if all the systems set up authenticators, I still need all the codes on my phone. So, it doesn’t really help”. That could be true, but we also have a link to these authenticators. This means, on setup and based on the provider letting us, we can collect the authenticator codes in the portal and store on the widget as below.

All you have to do is click the code I have highlighted in yellow above (badly [sorry]), this will copy the code, you can then click on the widget, the password and username is entered automatically and then you just paste the code into the next box and press enter. You’re in! No phone required and it’s really easy.

There is also a huge amount of other security settings you can maintain in our portal around creating user groups and levels of access, all designed to make the user experience easy and keep out the hackers. You also have complete control over what systems users can see and can then also create multiple “Sign On’s” to 1 system.

We would really encourage all businesses and accountants to think about this area after Xero’s recent announcement. Please don’t ignore this issue. As your app stacks increase in size along with user numbers and costs, we can really help. Keychains and systems like Lastpass only go so far and can even be a security risk if not used properly. If you want to know more about our security solutions, please do not hesitate to contact us here or at www.4pointzero.co.uk

Keep Exploring

What problems do 4PointZero solve? – Part 4

Tue 30th March

The final part of our problem-solving series covers information mainly around how we provide our
hospitality accounting software

Why it is important for hospitality businesses to consider integrating their PMS and accounting software.

Tue 20th June

This article highlights the potential impact of PMS software and accounting software integration on financial

Integrating Sales Invoices and/or Sales Data Part 1: What is the problem?

Wed 5th May

Being a business owner myself, I can say hand on heart the most interesting thing

Move into the future today!

Try out for FREE for 30 days. Even better, only days that you actually use are counted.

© Copyright 2023. All Rights Reserved. Privacy Policy | Terms & Conditions