Keeping Firm and Client Data Safe

But first, it’s important to understand what today’s hackers are doing.

1. Accessing financial data: It seems like every other day we hear about another business that was hacked, and customer data obtained illegally. As a CPA, you’re privy to the type of financial data that hackers would love to get their hands on.
2. Vandals: Hackers are not always looking for confidential data. Sometimes, it appears that they simply want to cause problems. Social hackers, for instance, are not interested in obtaining your client’s data illegally, they just want to cause trouble.
3. Ransomware: Ransomware attacks have increased in recent years as more hackers seek to profit from their criminal activity. In a ransomware attack, malicious software is used to infect the computers of a business or organization, taking control of the computer and restricting user access until a ransom has been paid.

But it’s not only hackers who can pose a threat to your data. Disgruntled former employees can also wreak havoc on an unprotected system. And careless acts such as leaving a laptop or computer unattended, particularly in public places, can threaten your data as well. Here are 5 ways you can keep your computers and your valuable data safe.

1. Provide sufficient security training to staff
   Training should include basics such as how to create a strong password, as well as how to recognize suspicious emails. If you have staff working remotely, they should also be schooled in how to keep data safe on their own devices. Remember to create a password for any electronic device that is provided to your employees, and make sure that passwords are changed regularly.
2. Install anti-virus and malware on all systems
   All computers in your office and at your employee’s homes if they work remotely, need to have  anti-virus and malware installed on their computers. It’s also imperative that the software be kept up-to-date. Viruses can change by the minute, and if you don’t have the latest protection, your system can be easily infected.
3. Create and use multiple access levels
   One of the most important things you can do to keep data safe and keep confidential records off-limits is to create multiple access levels for your employees. It’s also important that any employees that leave the business are immediately removed from the system and access levels deleted.
4. Consider email attachments suspicious
   If you’re expecting an attachment and the source is known, it’s usually fine to open an attachment, but unfortunately, it’s easy to make an email look authentic. Don’t ever click on an unsolicited email attachment, even if you think it’s legitimate, without first verifying the email’s authenticity.
5. Use two-factor authentication
   Two-factor authentication provides an extra layer of security for your business. Two-factor authentication requires that anyone that requests access to your network prove that they who they claim to be. This is done by requiring additional detail such as answering a security question or  entering a code that is texted or emailed to the person trying to log in. While many consider two-factor authentication tedious, it’s a good way to protect your network from outsiders.

With the amount of sensitive data that can be found in a CPA firm, your firm is a good target for online criminals.  And with cloud computing becoming standard operating procedure in most offices, it’s essential that the proper safety measures be put in place to keep data safe from hackers and other unauthorized individuals. Taking the proper security measures will protect both the integrity of your business and your client’s data. Be sure your security measures are up to date.