As security measures from your office are different to working at home, you may be wondering how safe and secure you are when working from home and to ensure that your work is not compromised.
Frequently asked questions from users who are working from home:
1. Software that holds Tax File Numbers (TFN) requires a 2 Step Authenticator Code (2SA). Why is this not the case for FYI?
Any software that holds TFN are required to enforce 2SA. The reason why it is not the case for FYI is we do not hold the TFN, The TFN from Xero Tax is encrypted in our system. In terms of Tax Assessments Automation, the TFN is also not available within FYI, we recreate a copy of the Tax Assessments based on merge fields without the TFN for this reason.
We leverage the authentication of Microsoft 365, which means the application of 2SA is outside our control. However, your practice can (and we recommend this) enforce 2SA across all users from within Microsoft 365 Admin. For instructions, refer to this this article from Microsoft https://docs.microsoft.com/en-us/microsoft-365/admin/security-and-compliance/set-up-multi-factor-authentication?view=o365-worldwide.
2. Once logged into any Microsoft account (such as Outlook - which generally doesn't hold critical info), FYI automatically logs me in and no password is required. How can I stop Microsoft 365 remembering my password?
Use the following step to prevent Microsoft 365 remembering your password:
- Open Office.com in a separate tab of the browser session.
- Select sign out and close the entire browser session (that is, close the browser altogether)
- Open the browser again and open Office.com
- On the Home page, select Forget this account.
- When prompted "Stay signed in?", click No. If you prefer, also checkmark "Don't show this again".
Note: It is also best practice when in Office.com or app.fyidocs.com is always logout at the end of each session.
Another setting to increase the security of FYI is to reduce the default timeout time if users leave FYI inactive for a period of time. The default is 8 hours inactive time before a login times out and users will be automatically logged out and prompted to login again in order to continue using FYI. This timeout can be changed for your practice for all user by FYI Admin. Refer to Managing Practice Settings.