Everyone understands the importance of protecting their data. But accounting firms, as institutions that deal with other people’s highly personal information, financial data and tax records need to be especially vigilant. Ensuring that a client’s information is kept secure is of paramount importance.
You may think that your small firm is unattractive to hackers and bad actors, but you would be wrong. The cyber-criminals actually view small firms as easier targets, and as a result, 58% of the attacks which took place in 2017 involved small business.
These criminals also keep moving – as soon as one scheme is detected and dealt with, they devise another.
Therefore, every accounting firm will want to make sure that they are doing everything possible to protect data from both internal mistakes and external threats. Here are our Top 5 ways to keep yourself – and your clients – protected.
1. Ensure the Basics are in Place:
Antivirus software and business grade firewall protections are no longer a luxury or an indulgence – in fact, they have not been for a long time. Double check to make sure that you have a true firewall in place, that your anti-virus subscription is up to date, and that you have policies in place for secure passwords.
2. Stay Safe at Home:
Working remotely from home or while traveling is commonplace these days. However, it may be challenging to maintain a locked-down network at the office, if your employees are accessing the network using unsecured means. Someone working from home and accessing sensitive material can be a hacker’s dream scenario, so here are some tips on stopping them in their tracks.
Check that your target web address starts with HTTPS, which stands for Hyper Text Transfer Protocol Secure. This refers to the code over which data is sent between your browser and the website you are accessing. The “S” at the end refers to its “Secure” and encrypted protocol.
Also, do not proceed if the web address does not have a small padlock to its left. The padlock indicates a current SSL Certificates, which allows secure connections from a web server to a browser. If you don’t see the padlock or are warned of an expired SSL certificate, leave the connection immediately.
3. Secure the Physical:
If your network is bulletproof but your facility is not secure, your data may still be at risk. Ensure the physical security of your office by implementing card key access, visitor logs and badges. You may also want to restrict access to departments and areas only to direct employees.
Use cable locks to ensure laptops, desktops, tablets, and any other critical devices are locked to desks, or even have employees lock up their devices in a secure area at night.
4. Don’t Forget the Humans:
Your employees need to be educated as to the proper protocols that will help to keep your data safe. Establish policies to define the proper construction and maintenance of passwords, define the acceptable use and transport of technical assets, and set policies to help employees understand the risks associated with doing business on mobile devices. Training classes and weekly newsletters are great ways to communicate policy and remind your employees as to their responsibility.
Important: Keep your clients educated as well. Advise them that sending sensitive financial information over email is not the best idea, and teach them more secure ways to transmit information to your firm. Encourage them to check their own credit reports periodically to identify suspicious activity which may indicate that they have been compromised.
5. Ask the Experts:
Large firms have the means to employ advanced security technology. They can afford to monitor their network and detect breaches with sophisticated systems.
You may think that this capability is out of your reach as a small firm, but it isn’t. Managed service providers can avail you of all the knowledge that is increasing every day, and take the pressure off you to keep up with the criminals’ ever-changing schemes.
You can then focus on providing the best service to your clients, with the assurance that their financial security is being protected.
An outside IT Services firm to help you test your systems and make sure that they are secure. Alliance IT is happy to help you to assess your situation and make any changes necessary to protect your firm and your clients.
You can check some of our best advice for keeping your network secure here.
