The next time you spot someone emailing a Quickbooks file as an attachment to an email, tell them to stop doing that. And tell them instead to install Quickbooks 2008, urge their clients to update immediately and transfer the files using the smarter, more secure way.
The Quickbooks Accountants transfer version was something we hated in prior versions. We’d always want the raw database and not the accountants version as it was never quite as full function/featured as we’d need it.
2008 changed all that. And in fact it’s quite easy for the client to start the accountants transfer version process:
Step one, choose the file transfer process
Step 2 – choose the cut off date that the accountant can post entries to
Step 3 – enter the email address information
Step 4 — create a strong password for the encryption
Step 5 — Ensure that it’s a strong password
Step 6 — QB will begin the process
Step 7 — the email will be created and sent
Step 8 — the file will be transfered
Step 9 — the email will be received by the accountant
The Accountant then can post entries and make changes. At the end of the process he can make the ‘change file’ to be sent back to the client.
Urge your CPA clients and customers to NEVER EVER merely attach the quickbooks file via email and send it. If you send it unencrypted, remember that it contains sensitive information like Social Security numbers of employees. If you think that because it’s password protected, it’s safe, think again. www.elcomsoft.com or www.lostpassword.com have password cracking programs that can crack any QB password in mere seconds.
While the chances that someone can intercept that email are probably at low risk (they are more apt to want to infect your system with a keystroke logger or something than sit there sniffing traffic looking for QB files attached to emails) the reality is that an unencrypted file, sent via email “is” at risk. I live in a state covered by Identity theft regulation, thus to take a REASONABLE precaution to protect the data is EXTREMELY prudent on my part and showcases to my clients that I care about their identity and am willing to take reasonable precautions to protect them.
Bottom line if your CPA says “just email that file”, tell them no, you don’t do that anymore. Tell them you’ve upgraded to Quickbooks 2008 and they have to now use your preferred secure method.