Updated: Sep 29
Make sure your company's QuickBooks users only have the permissions they need, and check out our additional tips to keep your sensitive financial data secure.
QuickBooks Online is a powerful accounting software that offers a variety of features to help businesses manage their finances securely. One of the most important aspects of using QuickBooks Online is understanding user roles. User roles determine what actions a user can perform within the software, such as creating invoices or accessing sensitive financial information. They also ensure that employees can only view what they need to and that their ability to enter and modify data is limited. In this blog post, we'll explore the different user roles available in QuickBooks Online, how to assign them to your team members, and a few bonus tips to protect your sensitive data.
Types of Users
As long as you're on the Essentials plan or higher, your QuickBooks Online subscription will come with seats for additional users. If you reach your maximum number of users, contact us for next steps; QuickBooks Online Advanced offers up to 25 users. To set up a new user, click the gear icon in the upper right. Next, select Manage users under Your Company. Or click Get things done in the toolbar and select the Manage users icon in the Company box.
Click the Manage users icon to add a new user to your QuickBooks Online account. You’ll see a table with your own account information listed there. Click Add user in the upper right. In the window that opens, you’ll have to choose a user type. This can be a:
Company admin. This type of user can see and do everything, like add other users and send money.
Standard user. This type of user has full or limited access, without admin privileges.
Both of these user types would count toward your employee limit. However, you can also invite someone to have Reports access only, excluding payroll and contact information; this specific type of access wouldn’t count toward your user limit.
As an example, let's choose Standard user and select Next in the lower right. The page that opens asks you how much access the individual should have. Your options are:
All, including or excluding Payroll.
Limited. Depending on your needs, this customer could have access to Customers and/or Vendors, with access rights spelled out.
None. This user could manage some things and submit timesheets.
QuickBooks Online shows you what specific users’ access rights are. After you’ve made your selection on this page, click Next in the lower right. You’ll answer a few Yes, No, or View-only questions, things like Do you want this user to add, edit, and remove users? Click Next and provide the user’s name and email address. They will receive an invitation (good for 30 days) to set up a password and log in. Click Save to be returned to your user access list. Your user can log in after accepting your invitation. For much more granular control, QuickBooks Online Advanced delivers. QBO Advanced includes 15 total role types, including Admin. Each role offers additional opportunities for customizable permissions as well. Contact us to learn more (and ask us about our competitive pricing!).
Other Ways to Keep Your Data Safe
Limiting access for employees who must log into QuickBooks Online is one way to safeguard your company file data, but there are a few other tactics you'll want to consider:
Try to avoid printing data other than necessary transactions from your QuickBooks file. When you must, always store it in a secure place and shred when you no longer need the physical copy.
Keep your networks safe. Create policies and put them in writing for employees. For example, don’t allow workers to download apps onto their work computers, and discourage unnecessary web browsing. Encourage them to practice good email hygiene (how to look out for imposter accounts, review links before clicking, and avoid downloading attachments unless they themselves have requested them from the sender first). Consider network monitoring software and, as soon as your company is big enough, managed IT.
Protect data remotely. If you or your employees have company-issued phones with QuickBooks Online data on them, stress that they should never use their phones on public Wi-Fi networks.
Don’t leave QuickBooks Online open when you’re not at your desk; always log out before walking away. You can also change the timeout duration to automatically log you out after a set amount of time. Navigate to Settings > Account and Settings > Advanced > Edit > Sign me out if inactive.
Turn on Two Factor Authentication QuickBooks Online automatically includes multi-factor authentication to protect your QuickBooks file, but look into your other financial data apps and log-ins to ensure your financial data is protected elsewhere.
Update your applications and operating system routinely. QuickBooks Online will update itself without any action on your part, but many other applications don’t. These updates sometimes contain system security patches in addition to new features. Don't delay in downloading these updates.
Data security is critical to the health of your business; one serious breach could shut your entire business down. Follow these best practices to protect yourself against increasingly advanced efforts by hackers, phishers, and other intrusions that could seriously compromise your data or put it in the wrong hands. Remember: your customers, vendors, and employees entrust sensitive information you’ve added to your QuickBooks company file. Continue to earn their trust by protecting their data as well as your own. Have questions about system security or QuickBooks Online features? We’re here, and we stand ready to share our accounting software expertise with you! We want to see you succeed, and sound financial records are essential to making that happen.