Quickbooks online - Financial data security concerns...

Most Quickbooks Online hacks are social engineering / phishing exploits, where the account holder was suckered into giving the "would-be-hacker" just enough information to access and/or take over their account.

That's not saying they haven't suffered legitimate data breeches, I'm just stating that most of the cases are as stated above.

I feel it is far safer on a local network behind a properly configured firewall.

I personally prefer the desktop installation with local storage over their cloud, but you're still vulnerable especially if that PC/Server is used to go on the internet, check email, allow remote connections, shares folders/drives etc.

One infected PC with access to a network share is all it takes.

Nothing will protect your data 100% except perhaps having a dedicated machine that is not connected to the internet or internal network "at all" except maybe 1 or 2x a month only to check for and implement security updates and patches.

No remote connections, dedicated USB drives for backup storage which "never" gets connected to another device

And even then there's still plenty of ways data could get compromised.

IMO it all boils down to your (the end users) idea of acceptable risk

Hey Ken!

Thanks so much for your response.  I do feel that Intuit would be more of a target than a small business.  If the business using desktop ver of QB is behind a secured firewall blocking access from countries not required for connection, using a secured encrypted VPN for remote access, and end point protection that disconnects from the network if infected - (Email security would be nice), as well as user education.  It may be a tad more secure.

In my mind it just didn't seem like a good move to hang the data out in the cloud unless needed.

Thank you!!!

While Intuit/QB is very likely a bigger target than your small business, they are also more likely to have sufficient security measures in place to resist attacks as they have a team of experts dedicated to their network and software security. That being said, no one is perfect and at the end of the day attacks are sometimes successful, whether you keep it locally or put it on the cloud. I personally use QB online for my business, and feel like that is better because then I don't have to worry about a local hardware failure causing potential data loss (which I personally find to be a more likely scenario than someone hacking my QB account, or being able to penetrate my network security). If you utilize strong passwords, have good awareness of cybersecurity best practices, and use the Multi Factor Authentication that quickbook does provide, then I would consider your data to be about as safe as it can be.

Hey Scott

Also very good points -thanks for your response!  It does appear that QB Premier (as per the sales rep @ Intuit), is still clearly more robust than the online offerings - yet another factor. 

I REALLY appreciate your feedback, good points!