Forum Discussion

DanT's avatar
DanT
Experienced User
22 days ago

Opting out of new security changes

How can I opt out or disable the new security changes. 

As a small business there is myself and my wife, I don't see where a security risk.  If I need an inactivity timeout to lock the device I am going to configure it on my computer not at an application level.  I saw a comment that this is for Australian Tax Office compliance. If this is the case why are you forcing it onto New Zealand customers?

The two factor auth was painful enough but to have to log back after 20 or 30 minutes is going to completely do my head in.

  • SuzanneWalker's avatar
    SuzanneWalker
    Experienced User

    That was my first thought too, for exactly the same reasons. May be helpful for some businesses (but if they don't already have policies in place for when you move away from your desk you've got to wonder). But I work from home, husband/wife business, no one else is here - it should be up to us to manage our own risks, not an across-the-board, one-size-fits-all and quite significant change affecting all users. Just more steps/time when clients are calling and you're looking for their history etc as they talk. 
    Happy enough with 2FA once every 24 hours, but just like with Outlook or other apps/platforms open during work hours, we manage risks as we need to. Will we be asked for facial recognition on every login next, just to be sure?? LOL 

    MYOB - please add an opt-out function. 

  • Ellemm's avatar
    Ellemm
    Experienced User

    It seems that the ATO and/or MYOB don't understand what a bookkeeper's day really looks like... we're in and out of working in MYOB all during the day, but often with 30 mins or more inactivity between jobs, or even between 2 different company files.  This is terrible news!

    Yes, an opt-out function would be welcomed.

    • gavin12345's avatar
      gavin12345
      Ultimate User

      Hi Ellemm 

       

      You might find this article interesting, esp with regard to the ATO's role in this saga. Author is not an ATO 'apologist', it's just that it might not be the ATO at fault here.

       

      Regards

      Gavin

      • DanT's avatar
        DanT
        Experienced User

        I was also disturbed that I needed to use 2FA to login to the community also.......!  Must be some serious security risks in this portal to require 2FA

    • Jo15's avatar
      Jo15
      Experienced Cover User

      I work for a multi group of companies and have up to 7-8 myob files open all day.  Only 3 Myob Files have operating Payroll.  All the others are Trading myobs and not the actual accounting with Payroll.  The Trading only Myobs should be able to opt out of the security function.  Or another option could be when connecting to the ATO and sending the file through, then you need the 3 step security function.  I think this last option would be the best.

      Like

  • cramptons's avatar
    cramptons
    Experienced Cover User

    This is becoming a joke... and please, when is MYOB going to fix the problem with emailing remittances????

    Surely with the EOM approaching this needs to be addressed.

    • AmandaCL's avatar
      AmandaCL
      MYOB Moderator

      Hey cramptons 

      We've made some changes to to resolve this bug. If you receive a prompt to update, make sure you do so to be able to send to multiple suppliers again. More information can be found on this Ideas Exchange post!

  • Jo15's avatar
    Jo15
    Experienced Cover User

    Hi,

     

    I work for a multi group of companies and have up to 7-8 myob files open all day.  Only 3 Myob Files have operating Payroll.  All the others are Trading myobs and not the actual accounting with Payroll.  The Trading only Myobs should be able to opt out of the security function.  Or another option could be when connecting to the ATO and sending the file through, then you need the 3 step security function.  I think this last option would be the best.

    • AmandaCL's avatar
      AmandaCL
      MYOB Moderator

      Hey Jo15 

      This idea has been mentioned a few times on our Ideas Exchange however it's unlikely that we'll explore an opt-in, opt-out option as this is a mandatory change. Feel free to reach out if you have any more questions. 

      • DanT's avatar
        DanT
        Experienced User

        AmandaCLcan you please explain why this is a mandatory change.
        I am in New Zealand not Australia so have no interaction with the ATO
        I don't use payroll features

        I work from home or my office
        There are not strangers that could access the system
        It's my business am I not responsible for my own security policies
        I don't want my screen to timeout every 20 minutes

         

    • nursery's avatar
      nursery
      Experienced Cover User

      yes, the last option makes sense to me too, but surely there are teams of people at MYOB looking at all of these options, or are they waiting to find solutions from their users, if they still have any left

  • nursery's avatar
    nursery
    Experienced Cover User

    Very good point about the New Zealand customers being made to re=sign in due to your ATO security changes, when they are not in Australia. I am dubious about ATO compliance and security requirements being behind this change. Thinking there may be other reasons MYOB have issues with security

  • EurellsinLeeton's avatar
    EurellsinLeeton
    Contributing Cover User

    I totally agree with the comments that we should be able to choose to opt out of this security changes.

    What another headache you have given us at MYOB.

    To top it off you are doing maintenace or something so we can't send out any accounts till tonight after 8pm. 

    Come on team Myob surely you can organise your system much better than this.

    Don't tell me some new person has taken over and changing the system to suit their ego Ha ha hope this couldn't be true.

    Why do this at the end of the month. Plan a little better next time please  

    • MikeG1's avatar
      MikeG1
      Admin

      Morning EurellsinLeeton , if it was not a mandatory requirement, we would definitely want to provide customers the flexibility to choose their preferred inactivity timeout and security. 
      Another member also mentioned that end of month was a bad time for changes. I'll make sure to feed this back to the product teams for consideration in future.