If you use cloud accounting, no doubt you’re keen to ensure the safety of your business’ confidential accounting information. This is how to ensure your valuable data is covered from all angles.
Are you one of the 86 percent (2012 Colmar Brunton research, commissioned by BankLink, involving 318 Australian SMEs) of small business owners who aren’t comfortable with handing over their banking logins and passwords to suppliers, business partners or other third parties?
Did you know that you might be allowing this without realising it? It’s something that I’ve only just had my attention drawn to; a practice that’s more common than you may think. It’s called screen scraping.
The basics are:
- Many business owners benefit from their bank transactions being conveniently fed into their cloud accounting software
- This is made possible because their cloud accounting provider, with their permission, sets up a feed from the business owner’s internet bank account into their business data file/s in the cloud
- Some cloud providers use a third party service that ‘screen scrapes’ that information from the business owner’s internet banking account into their business file
- To allow this screen scraping – perhaps without realising exactly how it works – the business owner provides their bank account login and password to their accounting provider who then passes it on to their bank feed supplier
- This supplier uses those private login credentials to access the business owner’s internet banking account, copying their transaction data and sending it to their accounting software provider
It’s no secret that handing over your internet banking login details leaves you wide open for potential fraud. There is a much safer option for having your banking data fed into your accounting software – no doubt a relief for everyone who benefits from the time saved by this feature of cloud accounting.
BankLink, for example, supplies secure ‘read-only’ transaction data via direct feeds from financial institutions so business owners can have peace of mind knowing their data is always protected. Their login and password are not required at all. The company also complies with the stringent Payment Card Industry Data Security Standard (PCI DSS) for the safe handling of transaction data – it is supplied under strict international security measures that meet the requirements of all the major banks.
Using cloud accounting? Check how your bank feeds are making their way back to you and see what industry standards your cloud accounting provider is complying with.