At this time in history, more people than ever are working from home. This applies to CPA and accounting firms as well as other types of small businesses. Working from home can be very convenient, but it also offers some challenging issues. One of the biggest issues we have come across that working from home presents, especially for those not used to it, is cybersecurity. Since CPAs and accountants are privy to so much crucial financial information of clients, cybersecurity is even more important for you.
The Rules of Thumb blog from MoneyThumb would like to offer some tips for making sure you and your CPA or accounting firm are providing your employees who work from home the best in cybersecurity, to protect the financial assets of your clients. This article from CPA Practice Advisor provides some very important pieces of advice for helping accountants and CPAs with cybersecurity for their remote workers.
As the article points out, understanding the new cyber threat environment is the first step in making sure your firm is secure. Connectivity and bandwidth issues are being tested like never before, and employees have been forced to perform more work on personal devices, which creates additional security risks. Therefore, data privacy risks have increased exponentially in this environment.
A second point made by the CPA Practice Advisor article is that even if your accounting firm is small, cybersecurity is just as important to you as it is to the big accounting firms. In order for CPA firms to keep their valuable client and company data secure, automation, and Artificial Intelligence, (AI) are a must to mitigate potential risk. New technology is now available that will enable CPA firms to automate security measures and integrate a more behavioral, always-on approach to keeping data secure. Partnering with a cloud service provider with deep data and information security expertise and current experience leveraging AI, machine learning, and automation can literally be a company-saving strategic effort.
Building remote work ecosystems that include Virtual Desktop Solutions, deploying synchronous and asynchronous communication and sharing channels, and using virtual meeting technologies, to name just a few tools, are all IT elements that prepare CPA and accounting firms, large and small, to remain agile and to scale up when they enter growth mode. To be able to react quickly and set a company up for future change and growth, CPA firms need to invest more heavily in IT tools and systems that enable this kind of environment.
A third and just as important point made by the referenced article discusses constantly educating and training your employees in cybersecurity practices and adapting your firms' security plan as needed.
We have listed below important steps accounting firms and CPAs can take from the CPA Practice Advisor article:
- Augment Your Data Backup Processes. Implement multiple daily backups using different methods like the cloud and hard drive backups, for example. Backups should live outside your network, outside your physical office space and should not be virtually connected to your network. The key is the diversity of backup types and consistency.
- Secure Home Networks. More people are working from home because of the coronavirus, which means an increased risk of security breaches via home networks working with your CPA firm’s data. Here are some tips for securing home networks:
- Use a wired connection
- Review equipment that’s being used by staff at the home
- Run updates, patch, and reboot until all updates are made
- Subscribe to antivirus software
- Use two-factor authentication (2FA)
- Remain vigilant both about updates and staff behaviors/education about the threat environment
- Establish Company-Wide Security Policies. Technology like AI will not solve security issues. People remain a huge factor in the success of any cybersecurity system. Therefore it is critical that CPA firms build-out, distribute and update an enterprise security policy that is clear and promotes accountability. This policy should include:
- Clear, enforced password rules
- Restricted access and permissions
- Protection for all devices
- Two-factor authentication
- Documentation disseminated to all staff
- Remote work/Bring Your Own Device Policy
- A security emergency response plan
- Stay Informed and Educated. The cyber threat environment is constantly changing, so keeping abreast of the latest reports and threats is critical to keeping your data safe. Following IT security-related resources like MSSP Alerts, Crowdstrike, Cybersecurity SmartBrief, and the Tech Republic for cybersecurity updates.
The team at MoneyThumb would like to add one more important step for CPAs and accountants to make sure your clients' financial information stays safe, and that is using the best PDF financial file converters on the market. We use SSL (Secure Sockets Layer) technology which is the industry standard and among the best software available today for secure commerce transactions. It encrypts all of your personal information including credit card number, name, and address, to prevent it from being read as it travels over the Internet.