Happy day,
Our firm has grown a bit and I now employ FT eight people. It is joyfully terrifying as, like you, we have access to all sorts of client data. And while I have a security policy and have employees sign all sorts of documents, in the end, it all boils down to trust and ethics.
A common problem I have is that we have logins to many banks, brokerages, retirement and payroll platforms. All of them use two-factor authentication, which means that on any given day, my phone or email is hammered with authentication requests. Its annoying for staff and I, but fine when I am in town. When I am out on...ha ha...vacation...in...ha ha...Ambergris Cay, Belize, I would not be receiving these messages and my practice's ability to serve clients would stall or die.
Not too long ago I changed to a Google Voice account for the 2FA texts and a generic practice email address. A lot of things became smoother for everyone. Until I pondered a simple question: what happens if a disgruntled employee logs in and changes the passwords and 2FA info? Then what?
And so I figure that someone among this throng has wrestled with this stuff before, and perhaps has a better solution they would be willing to share.
This discussion has been locked. No new contributions can be made. You may start a new discussion here
You have clicked a link to a site outside of the Intuit Accountants Community. By clicking "Continue", you will leave the community and be taken to that site instead.