Dominion Payroll Blog

PSA: Direct Deposit Information in iSolved

Written by Admin | May 18, 2016 1:12:27 PM

Here is a quick “the more you know”, PSA-style update related to some security features of the iSolved platform and how they can help protect you and your employees from fraud attempts.

As a quick background, an increasingly common hacking scam that has affected some companies at a national level in the US is one in which a hacker will steal the payroll login credentials of a client administrator, log into the payroll, and replace employee direct deposit information with their own. When the administrator then goes in to process their next payroll, funds are sent to the hackers’ accounts rather than the intended employees, which is…well…bad juju to say the least!

We take our responsibility for helping you prevent such fraud attempts from succeeding very seriously, and we have been working diligently with our developers to make sure we stay ahead of any security threats. There are several security features in place on the iSolved platform that you can leverage to your advantage:

  1. Two-factor authentication:
    If someone tries to use your credentials from a different IP address than the system is used to seeing login activity from, they will be prompted for an authentication code that can only be sent to the email address or cell phone associated with the ID.
  2. Direct deposit change alerts:
    If an employee is enabled for Employee Self-Service with an email address in Employee Maintenance > General, the employee will always receive an email alert if their direct deposit information is changed that prompts them to contact their administrator if they did not initiate the change.
  3. Audit reports:
    When you run your payroll preview, there is a New Hire and Change Audit Report included automatically. Review this report to make sure that any changes that have been made to employee information were indeed initiated by the user in the log.
  4. Company policies:
    It is also our service policy only to release or change information in a payroll if we receive the change request from an authorized contact. You can review the list of authorized contacts for your company under Client Management > Client Summary > Contacts. If any updates need to be made, please let us know via customerservice@dominionpayroll.com.

The best practice to prevent fraud is being vigilant about your information. Please refrain from sharing your login credentials with other people and/or storing passwords in unsecure locations. If you do receive any of the above notifications for changes or access requests you did not initiate, please take them seriously and notify our team at customerservice@dominionpayroll.com!

Thank you,

Jordan Vrescak
View full post