a client that has an SBS2003 R2 network (server has 2 NICs, and is connected to the web via a cable modem and Linksys befsx4). He had a QuickBooks 'expert' in recently pitching how he will need to move to QuickBooks Enterprise soon, or start with a different QB database, because their lists are getting too long and the file too big.
Users at this client use either RWW, when they have desktops to connect to, or, for those with only laptops, the VPN built into SBS. The QuickBooks folder is on the SBS server (the only server they have) and has permissions restricted to just a few employees.
There's password complexity enabled - length, mixed case, expires every 3 months, etc. Lockout occurs after 5 failed attempts, etc.
Anyway, I got a note from my client saying the person mentioned that she had a couple of clients that had their systems hacked into through their VPNs, and when she heard we had a VPN with potential access to the accounting files, suggested we touch base with our IT dept. to make sure that we had adequate firewall/security etc. to protect things. Can you please verify and summarize where we are with protecting the integrity of the server from outside 'hacking'?
I always say that if it's networked, it's potentially accessible / hackable. I'd be curious how you would answer, how you set your networks for remote access, and if you feel it's as unhackable as possible, or what you could do to make it more hacker-proof and why you aren't doing those extra things (costs? usability / complexity?).