hey it's patti scharf CPA and co-founder of catching clouds the leader in
e-commerce accounting I am continuing my series on solutions for e-commerce
sellers and today I want to talk about security because you know you can't talk
about online commerce without talking about security make sure you stick
around to the end because I'm going to talk about specifically LastPass which
is a password vault and I'm going to tell you why you need that and kind of
what it does and stuff like that so let's get started
all right so everything in the world is moving towards the cloud so everything
is accessible with a browser whether you're on your phone or you're on your
computer or whatever and because everything is accessible through the
Internet the biggest issue that you need to be
paying attention to is password security basically if somebody has your password
they can get in whether they're hacking or whatever if they can get in they can
get to your world so we want to prevent that right alright so one of the first
things I want to talk about is setting up sub logins so if you are using a bank
like let's use Chase for example Chase will allow you to create another user
account underneath your main account that you can limit access so like when
we're working with clients we want to get a sub login as often as possible
because we don't want access to the main meet of the account we just want to see
like what happened in their accounting transactions and things like that so we
will ask for a sub login with limited permissions that does not allow us to
transact on anybody's account we highly recommend that if you are working with
another accountant or you're working with anybody who needs access to your
account for some reason or another you make sure to limit their permissions and
set up their own login and the other thing that I really like about this is
that you know how sometimes like you mess up typing your password or
something like that and it locks you out after three
attempts if you have a sub login like that person can deal with all the
administrative headache of that themselves without locking you out of
your admin password which is a much bigger headache so sub logins totally
the way to go the next thing I want to talk about is two-factor authentication
now that is a scary sounding technical term but here's what it is so when
you're logging into anywhere you usually need your username and password
what two-factor authentication is is it makes you do a third thing and that is
enter some kind of a code so you may have your phone set up so it'll text you
a code so that not only does whoever's
accessing your account need to know your user name and password they also have to
literally have your phone so that they can see what was texted and they have
just like maybe a minute to type that in before they can get in there are also
other things like there's a tool called Google Authenticator and you put it on
your phone it's an app for your phone and it you can add all your different
sites like I've got zero and slack and gusto and LastPass and all these
different ones on Google Authenticator and then when I log into something I
just pull up my Google Authenticator app and it has a code that changes every
minute so I have like a minute to enter in my code or maybe it's even 30 seconds
I don't really know but I have a certain period of time a short period of time
where I can enter in my code and again I need to have access to that Google
Authenticator app before I can log in so it's an extra level of security that's
really smart to have on all of your systems so take a look at some of the
tools you're using and if it allows for setting up two-factor authentication by
all means you should do that all right so let's talk about passwords themselves
they should be long they should be unique they should be complex so they
should have like special characters in there they should have numbers and
letters and things like that I've read different reports where some people say
oh it's like easier to get into if it's all jumbled versus if you have like a
couple of words that don't mean anything together separated by a number some like
that I don't know but I would recommend that whichever you do whatever
combination you have you make your your passwords as long as possible like 32
characters and up you want it to be really long you also don't want to have
the same exact password on every single thing that you login a lot of people do
that because it's easier to remember if you just have one password that lets you
into all these different things then it's easier to remember but the problem
is it's also easier to get into all of your stuff
not only can they get into this site but they can get into all of them so you
want to make it as hard as possible to get into your stuff all right so this is
where the password vault comes into play it it's basically what it sounds like it
is one piece of software that holds on to all of your different passwords for
all of the different sites that you log into it keeps it nice and safe and
secure and but it's easy because you just need to know your own password to
log into it to get access to all these different things okay so I have it as
Chrome extension on my system so whenever I go to a site that is kept in
that vault LastPass will automatically recognize what the site is and go oh
which of these passwords would you like to use I see you're on the chase site
and I pick the one I need and it automatically populates the username and
ID so even though I have these really long complex passwords I don't have to
remember them because LastPass remembers it for me so it will automatically fill
those in I can log in without a problem there's an app for my phone so if I'm
accessing stuff on my phone I can use it there also
also when I'm signing up for a new site and I want to create a new complex
password I can just go generate password and it will automatically come up with
one and fill it in for me and then it'll say hey do you want me to save this
password to your vault and I say yes please and then it saves it and away we
go so here's the other thing that you can do with LastPass is we can create
groups basically within LastPass we're different people share the same
passwords so if I'm sharing a password with the accountant on the catching
clouds account then she has access to my passwords I have access to my passwords
scott has access to the passwords and but nobody else does so we can share
them securely and they're encrypted and everything else and it's really handy if
we're sharing passwords with clients we can do the same thing or we can actually
literally just send it through LastPass and
they accepted on their side so we don't like have one folder that we all have
access to but you can just like send it to somebody else
and it gets sent encrypted and it unencrypted sit on their side and
everything else so it's pretty sweet the other thing LastPass will do is they
provide security checks so you can run a security check on the system and it'll
go you know what this password not so secure maybe you want to fix that so
it's got some really great tools and stuff embedded in it so I think it's a
really great bang for the buck it's only like I think I think it goes from $2 to
$4 per month per person who's using it which is not a huge investment in your
security and you know it makes my life so much easier if you're using LastPass
or using a different password vault leave a comment down below tell me which
one you're using and tell me if you like it don't like it whatever I think other
people will be interested in doing that and also down below we have a link to
our e-commerce security best practices I think it's what we called it it's an
e-book that we made just to help you guys keep your stuff nice safe and
secure so if you're interested please check that out I think that's it for
today if you like this video please like comment and share if you haven't already
please subscribe and I'll catch you later
For more infomation >> Candidates debate the 'Me Too' movement, Kavanaugh hearings - Duration: 5:19. 
For more infomation >> Elizabeth Warren won't commit to serving full second term - Duration: 1:59. 
For more infomation >> All American | A Tale of Two Teams | The CW - Duration: 1:11. 
For more infomation >> 2 face kidnapping charges - Duration: 0:50. 
For more infomation >> WESH 2 Investigates risky driving near railroad tracks - Duration: 3:05. 
For more infomation >> Rule to seal juvenile documents on hold in Supreme Court - Duration: 2:32. 
For more infomation >> 2018 2nd CD Granite State Debate: Public money, restrictions for abortion - Duration: 4:47. 
For more infomation >> Election one week away - Duration: 1:14. 
Không có nhận xét nào:
Đăng nhận xét