The document discusses security issues for QuickBooks and provides recommendations for SMBs. It identifies external threats like spyware, phishing, viruses, and spam, as well as internal threats including fraud, risky online employee behavior, and wasted productivity. It recommends developing a training and security policy, and deploying integrated security protection like Trend Micro. QuickBooks Enterprise is presented as offering more protection than Pro/Premier editions through features like predefined roles and permissions.

1. Security for
QuickBooks and
QuickBooks
Enterprise
perform
Jim Savage
Certified QuickBooks Pro Advisor
Intuit Solution Provider
June 17, 2009
Intuit Community Expert
Intuit Confidential

2. Speaker Bio – Jim Savage
•QB Certified Pro Advisor since 2002
•QB Enterprise Certified Pro Advisor
•Intuit Solution Provider
•Intuit Community Expert
•Controller/CFO in private sector
•IT Director up until 1999 for Fortune 500 company,
networks, software development, PC technology
•Specializes now in Small/Medium Size Businesses (SMB)
perform
Community Expert
Intuit Confidential

3. Agenda (Part 1)
•Identify Security Issues Facing SMB
•External
•Spyware
•Phishing
•Viruses
•Spam
•Internal
•Fraud
•Risky Online Behavior
•Wasted Productivity
perform
Intuit Confidential

4. Agenda (Part 2)
• Steps to Take to Protect Your Business
• Develop a Training and Security Policy
• Deploy Integrated Security Protection
• QuickBooks Enterprise vs. Pro and Premier
• Trend Micro vs. Other Security Products
perform
Intuit Confidential

5. External Threats
• Spyware
– Spyware is a software application that monitors a
user’s computing habits and personal information
– This information is sent to third parties without the
user’s authorization or knowledge.
• Phishing
– Phishing attacks aim to “fish” or obtain personal
information or financial information.
• Viruses
– Viruses can corrupt or destroy data
perform
• Spam
– Spam is a threat because it is a means for planting
malware on user’s computers
Intuit Confidential

6. Internal Threats - Fraud
• Fraud
– Stealing Money or goods
– Misusing Company Credit Card Accounts
– Falsifying Checks or Payroll (Phantom
Employees)
– Bribes or Kickbacks
– Embellishing Expense Accounts
– Stealing or Selling Company Trade Secrets
perform
Protect Your Business from Fraud: Keep Your Financial Information Secure by
Joe Woodard
Intuit Confidential

7. Internal Threats – Risky Online Behavior
• More Likely to Happen in SMB*
• Employees in SMB companies took more online risks while on the company
network compared to their counterparts in larger organizations
• Risky activities include:
– Browsing Web sites unrelated to work
– Making online purchases
– Visiting social networking sites
– Downloading executable files
– Checking personal Web-based email
• Despite a higher level of risky online behavior taking place, only about 50
percent or fewer end users within SMB companies said they had an IT
department.
• perform
*Results from 6/2/08 Trend Micro a study that explores computer users’ perceptions of and experiences with security threats.
Intuit Confidential

8. Internal Threats – Wasted Productivity
• Inc. Magazine Study - More than half (52%) of the
2,706 people surveyed admitted that their biggest
distraction during work hours is surfing the Internet for
personal use. Other distractions cited by respondents
included socializing with co-workers (26.3%), running
errands outside the office (7.6%) and spacing out
(6.6%).
• The survey also found that older employees wasted
less time at work than their younger counterparts.
People born between 1950 and 1959 waste 0.68
hours at work each day, while those born between
1980 and 1985 admit they waste 1.95 hours.
perform
Intuit Confidential

9. Training and Security Policy
• Create a security policy
– Internet Acceptable Use Policy
– PC Security Protection
– Handling/Dissemination of customer/company data
• Train employees on the company’s security policy
Resources:
BBB program: Security and Privacy – Made Simpler perform
FTC brochure: Protecting Personal Information: A Guide for Business
Payment Cardholder Industry Data Security Standard: https://www.pcisecuritystandards.org/
9 Intuit Confidential

10. Deploy Integrated Security Protection
• Use packages that bundle protection for Conventional
Threats:
– Anti-Virus
– Anti-Spyware
– Anti-Spam
• Lock Down QuickBooks Program Files
– Any data store with confidential information needs
protection
• Keep protection current
perform
– Subscription
– Vendor capability
Adequate Protection Removes Security as a Top-of-Mind Concern
10 Intuit Confidential

11. Benefits of QuickBooks Enterprise
• QBES offers much more protection than Pro & Premier
– 14 pre-defined roles
– Can control 115 functions within 11 functional areas
– Controlled access to specific lists/reports
– Controlled access to specific bank accounts
– Permissions Access by Users Report
perform
Intuit Confidential

12. Protection Suites
perform
12 Intuit Confidential

13. Industry Recognition for Trend Micro
Product/Service
Business Recognition
Recognition
Software Business
Innovative SaaS
Company
perform
Intuit Confidential

14. Unique Advantages Vs. Key Competitors
Standard/ Key Competitors
Features
Advanced 6.0 (SYMC, MFEE)
Smart Scan- New!  X
URL Filtering- New!  X
Web Threat Protection
 X
Intuit QuickBooks Protection  X
Identifies vulnerable computers without latest Microsoft patches
 X
Automatically remove threats, repair system files,
and remove threat files left behind  X
and multiple products (for resellers) perform
Support for a single console to manage multiple customers,
 X
Filter outbound IM content (ICQ) and mail
 X
Includes hosted mail filtering and integrated Exchange
protection and anti-spam (Advanced) X
Intuit Confidential

15. Recap
• Identified Security issues facing SMB
– External
– Internal
• Steps you can take to protect your business
– Develop a training and security policy
– Deploy integrated security protection
• QBES vs. Pro/Premier
• Trend Micro vs. other security products
• For more information contact:
– QuickBooks Pro/Premier
• www.quickbooks.com, Training and Learning, Find a Local
perform
Quickbooks Expert (to find a local Pro Advisor)
– QuickBooks Enterprise
• www.qbes.com, Support, Get Help (to find an Intuit Solutions
Provider)
Intuit Confidential

16. Contact information
Jim Savage aka The QuickBooks Guy
951-541-9205
jim@thequickbooksguy.com
www.thequickbooksguy.com
perform
Intuit Confidential