Increased Log In Security and Limit Employee Access

Hi, With the increased potential for cyber attacks and given the amount of data and personal information that is contained in our 360 files is there a plan to implement a more secure log in arrangement (two-step?) and is there a way for management to limit employee access in some way to help protect sensitive data that could be obtained via an employee’s personal phone, computer, tablet, etc. where they have logged in to 360? My IT lingo is limited so I’m sure the terminology of my query could be better, but the gist of the query is how we (with the help of BGL), as the primary accountant with responsibility for protecting the client’s data, can improve the security of this data in the cloud environment. Thank you

1 Like

Hi @KayBee,

For MFA/2SA we are currently working on this and plan to release shortly. For more information please see Multi-Factor Authentication - Simple Fund 360 Common Support Queries.

MFA will be made mandatory for all user at some stage during 2019.

Please remember, that the User Roles (User Roles - Simple Fund 360 Getting Started) allows you to turn on and off user permissions. Enhanced Privacy may be turned on to mask out Date of Birth, TFN, ABN and Mobile Number in the Contacts Screen.

Regards

Jeevan

I would also like to see restructions on access to various funds - like the password systems we used to have in Desktop.

Hi @Maz,

We are planning to address this in the first half of 2019.

Thanks

Jeevan

This can also be achieved by only allowing certain employees to access the Funds you want restricted and only giving the administrator log in access to change who can access which Funds (that’s how we got around the no passwords for files when we went to 360).

1 Like

Thank you Jeevan and EmmaH. Apologies for the late acknowledgement!

Hi All,

Soon we will be releasing Multi-Factor Authentication on all your firms BGL apps.

This will affect how you log in to CAS360 and Simple Fund 360.

What is it?

Multi-Factor Authentication (MFA), sometimes known as Two Factor Authentication, 2FA, 2SA or TFA is a security enhancement for user accounts. Traditionally, users have relied on and are accustomed to authentication systems that require them to provide a unique identifier such as their email address and a correct password to gain access to a system.

Multi-Factor authentication is an extra layer of security in which users will be prompted for their password (the first factor—what they know), and for a security code (the second factor—what they have), making it more difficult for unauthorised people to access your data.

What options are supported for MFA in SF 360?

The MFA security code can be received using an:

  • Authentication app e.g. Google Authenticator
  • SMS Text Message

The use of an authentication app is the recommended method .

Multi-Factor Authentication will not be mandatory at the beginning, (it is highly recommended) and will become mandatory in 2019

For more information about Multi-Factor Authentication check out the SF360 Knowledge Centre.

https://360help.com.au/pages/viewpage.action?pageId=28115900