I, for one, am surprised that Intuit would begin rolling out a major release, or at least what seems like a potential major release the day before a long holiday weekend. But sure enough, Friday, Dec. 23, saw the availability of the Release 13 update for QuickBooks 2015 Desktop products.
Key among this release is a change to security (again) – this time reducing the "password" burdens so many people complained about earlier.
While those of us who participate in Alpha/Beta testing for Intuit were aware the new security change was on its way, I was shocked it would be rolled out over a holiday weekend – a time you'd think potentially thousands of callers would be seeking help as to the "what and how" of this new option.
The following changes, improvements and fixes were made to QuickBooks Desktop Pro 2015, QuickBooks Desktop Premier 2015, QuickBooks Desktop Enterprise 15.0 and the QuickBooks Desktop Accountant 2015 versions:
QBDT 2015R15 update table
The release enables users to file 1099-Misc forms via Intuit's preferred E-filing partner, Tax1099.com. Insightful Accountant published an article about Tax1099.com a couple of weeks ago. This new option is only available to U.S. product customers at this time (to date, it hasn't been rolled out in Canada or the UK).
But the single most important aspect of this update is the big security change. The change permits the QuickBooks Administrator to enable a new password security-related option under Company Preferences, in effect lessening the security of the product, in my opinion.
With this option enabled, you can login into a Company File without having to enter a username and password every time.
- You only need to login with a username and password once every few days (perhaps only as often as 90-days).
- You then can open the Company File or switch to another Company File, without having to enter a username and password, so long as you're using the same Windows user account.
Intuit
close company
- With this new option enabled, File > Preferences > Close Company will only close the Company File, it does not log off the user.
- If you wish to actually log off after this new option is enabled, you must use, File > Preferences > Logoff from Company:
Intuit
log-off from company
- You must enter a username and password again only if you have explicitly logged off from the Company File or when the login period established by the QuickBooks Administrator has expired.
This option is not automatic, as I said, it must be enabled for all users by the QuickBooks Administrator under Company Preferences:
Intuit
New Security Option
The QuickBooks Administrator must choose how long a user can remain logged in. The maximum allowed setting is 90 days (the shortest period). The default setting is two days.
This option is not available for Company Files where Credit Card Protection is enabled.
In my opinion, it's essential that users selecting this new option safeguard their computers and Windows accounts in order to ensure their Company Files are protected.
When multiple users are accessing the same Company File on the same computer, one user has to explicitly log off before another user can login. If a user accidentally fails to log off, another user can access the Company File without having to enter any username and password, as long as they are using the same Windows user account.
So I recommend you implement a screen timeout with a password prompt to ensure that access to the computer is controlled.
Let me also say that this new QuickBooks feature reportedly is not available in a hosted or Windows-RDS environment.
You can find out more details about this option from the official Intuit website here.
In making this change, it's obvious Intuit is responding to the outcries of thousands who complained about the security changes adopted during 2016 to provide enhanced security for all QuickBooks Company files, not just those with credit card data.
Personally, I felt the 2016 security changes were very worthwhile in light of the ever increasing amount of "cyber crime" that's taking place to steal even a small company's sensitive data.
Obviously these changes show that Intuit can be responsive to its customers, even if it means the product may have increased security vulnerabilities.