Manager security depends heavily on user model design and access scoping in Server/Cloud editions.
Manager distinguishes administrator users from restricted users. Administrators have full platform-level control.
Hardening model:
- keep administrator accounts to the minimum possible
- create restricted users for normal accounting operations
- apply per-user permission sets aligned to duties
Manager guidance notes restricted users have no useful access until explicit user permissions are created.
- avoid broad/full access for routine users
- scope tabs/reports/settings access per business function
- review permissions after enabling new modules/tabs
If multiple businesses share one Manager server/cloud account:
- do not create unnecessary administrator users
- assign users only to required businesses
- regularly audit cross-business visibility
¶ 4) Backup and data protection
Manager business files are critical accounting records.
- perform regular business-file backups
- protect backup artifacts with strong access controls
- test recovery of a full business file regularly
- monitor user and permission changes
- enforce strong passwords and account lifecycle controls
- document admin break-glass and recovery procedures
- Manager Guide: Create users: https://www2.manager.io/guides/9162
- Manager Guide: Set user permissions: https://www2.manager.io/guides/33078
- Manager Guide: Businesses (backup-related references): https://www.manager.io/guides/businesses/
Any questions?
Feel free to contact us. Find all contact information on our contact page.