Knowledgebase
Important Notice About Data Security - QRemote Security, Best Practices, and Recommendations.
Posted by Rajendra Dewani (QODBC Support) on 20 August 2018 07:23 AM

What are the best practices regarding data security on the internet when using QRemote?

QRemote can transfer data in an un-encrypted fashion (plain text), or you can set up your own encryption key to encrypt the data which is preferable for transfer over the open Internet.

QRemote without modification will transfer your QuickBooks accounting raw data including customer names and invoice details between the client and the server in an un-encrypted fashion (plain text). This is the fastest way, but if your data is on the open internet and not already protected by a VPN or similar system, we highly recommend you add a layer of protection to the process by setting up your own encryption key to encrypt the data during transmission.

QRemote has two data security features. 

1) Password - QRemote Server will verify the Password send by QRemote Client for authentication and will only allow connecting if the password specified in QRemote Server matches the password sent by QRemote Client. The default password is "QODBC#QRemote$1".

2) Encryption - This feature will add additional data security by encrypting the data before transferring the data over the internet. By default Encryption is turned OFF You may turn ON the encryption feature to encrypt the data transfer between QRemote Server and QRemote Client. For more information click here.

 

General/Common for intranet and internet users:

  • It is advisable to change the default QRemote Client and Server password. The default Encryption Key/Password is set "QODBC#QRemote$1"
  • Never use a standard/generic password/encryption keys such as P@ssw0rd, 123456789, Abc@123#, qwerty@123#, etc.
  • The new password should be a complex/strong password. The password should be at least eight characters long and should contain an upper-case alphabet, a lower-case alphabet, a numeric and a Non-alphanumeric character (special character): (~!@#$%^&*_-+=`|\(){}[]:;"'<>,.?/) 
  • Make sure you open the port "4500" on the machine that is using QRemote Server and Client.

 

For intranet (LAN) users

  • Make sure you open the port "4500" on the machine that is using QRemote Server and Client for local domain only.
  • Make sure the internet router/firewall does not allow port forwarding of 4500 to any of your local machines.
  • It is advisable to change the QRemote Server and Client password frequently. 

 

For internet (WAN) users:

  • Make sure you open the port "4500" on the machine that is using QRemote Server and Client for local domain and public/private.
  • Make sure the internet router/firewall does the port forwarding to the specified computer only.
  • Configure your firewall or internet router to accept the incoming connection(s) from trusted IP Addresses or Domains only.
  • Do not to use the default password of QRemote Server and Client. Please change the default password to a complex password.
  • It is highly recommended to change the QRemote Server and Client password frequently.
  • Share the password of QRemote Server only to the authorized person(s).
  • It is recommended to enable the Encryption. For more information click here.

 

Also, refer to,

How to create or configure a QRemote DSN

How to turn On/Off Encryption on QRemote

(0 vote(s))
Helpful
Not helpful

Comments (0)
Post a new comment
 
 
Full Name:
Email:
Comments:
CAPTCHA Verification 
 
Please complete the captcha below (we use this to prevent automated submissions).