Solved

Securing Quickbooks

Posted on 2014-04-15
8
406 Views
Last Modified: 2014-04-27
I have a client that is using Quickbooks 2014 Enterprise through remote desktop services on a server 2008r2 system.

The accountant advised that we need to lock the file down so that people cannot make a copy of it and email it to themselves or put it on a flash drive.  She mentioned that her other clients setup in the same manner as us are locked down.

I was trying to figure out how to accomplish this with file permissions, but am I looking at this the wrong way?  should I be looking at RemoteApps instead?
0
Comment
Question by:pmitllc
  • 4
  • 3
8 Comments
 
LVL 93

Assisted Solution

by:John Hurst
John Hurst earned 250 total points
ID: 40002859
I keep the ledger file on the server in a secured folder. The number of people who have access to this folder is very limited to trustworthy people.

Then, the ledger itself should have users with strong passwords and most users should have limited rights in QuickBooks.

Properly done, you are limited to one or two QuickBooks administrators and senior users who could take the file and do something with it. This is fairly secure.

The server admin (or two) could always take the file no matter what you do.

So limit access to the folder and access to QuickBooks and you should be fine. No auditor at any of my clients has suggested this is insufficient.
0
 
LVL 25

Accepted Solution

by:
Tony Giangreco earned 250 total points
ID: 40002860
We have done that same thing for one of our client's Windows 2008 RDS servers running QB 2014 Pro.

We created a special GPO that limits all users in the QB group from accessing the web. This places the security needed to stop email and web access, thus.. securing the QB data on the server.

We also installed a Cisco Small Business Firewall and placed an access limit on it so it only users  could only login between 7AM & 11PM M/F.

This has worked very well for us. I hope it provides a good sense of direction on how you can lock the server down for your client.

Hope this info helps!
0
 
LVL 25

Expert Comment

by:Tony Giangreco
ID: 40002864
In addition to that, each user can only access their own folder where their QB company file is located.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 6

Author Comment

by:pmitllc
ID: 40003955
In addition to that, each user can only access their own folder where their QB company file is located.

Each user is logging into the domain with their own account, but they are all using the same QB company file.

We created a special GPO that limits all users in the QB group from accessing the web

I like this idea!
0
 
LVL 25

Expert Comment

by:Tony Giangreco
ID: 40003961
Yes, just so you have multi-user active and enough licenses, that can all be using it at the same time.
0
 
LVL 25

Expert Comment

by:Tony Giangreco
ID: 40004963
Have I answered your question?
0
 
LVL 6

Assisted Solution

by:pmitllc
pmitllc earned 0 total points
ID: 40016113
Sorry for the delays as I wanted to see if there are any other suggestions.

I think both of you have provided good answers.  I took a quick look at the RemoteApp setup and thought it would take a long time to get working, but it was really fast and I think that is the best way.

Now my users don't have access to a server desktop and it looks like QB is on the system even though it isn't so they can take advantage of the dual monitors.

I would recommend this way.
0
 
LVL 6

Author Closing Comment

by:pmitllc
ID: 40025566
I have found that the RemoteApp setup works best in my situation, but the other solutions provided my work better for others.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
vmdk greater than 2TB 2 61
MSDN Licensing query 5 87
DHCP lease duration / Migration 8 57
Dell PowerEdge 2950 crashing on a weekly basis 5 40
Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…

825 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question