By Brad Smith
Accountants have access to very sensitive data, which includes information such as credit card numbers, bank details, and home and office addresses, etc. if this information landed into the wrong hands, the consequences would be disastrous. According to CrowdStrike, a cyber-security company, accountants are often targeted during cyber-attacks because of the Personal Identifiable Information (PII) they are privy to. With most people working from home due to the Covid-19 pandemic, the risks have increased two-fold. As an accountant, you can keep data safe by doing the following:
1. Download a VPN
What is a VPN? VPN (Virtual Private Network) creates a secure tunnel that allows you to connect safely to another network via the internet. You can use the VPN to hide your location and mask your IP address. A VPN allows you to connect to servers in different locations using the server’s internet connection.
If the server you are using is in a different country, it appears as though you are browsing from that country. The most important aspect of a VPN for an accountant is that it encrypts all communication by using AES (Advanced Encryption Standard), which has 256-bit keys, and is referred to as AES-256 and used by U.S government to protect classified data.
2. Store all data on the cloud
Before the cloud, all documents were stored in physical files, which were easy to steal or damage. While nowadays, people shifted to computer storage, it is not 100% foolproof and is subject to cyber-attacks and data breaches. Servers face a lot of threats and need a full time IT support to thwart attacks.
In comparison, the cloud’s protection is better and lower in cost. The cloud identifies threats and closes security gaps by updating its software. This offers accountants better protection from data breaches than other storage forms.
3. Delete all data you do not need
Most accountants keep client data long after they have cut ties with the client. Keeping this data is dangerous as hackers can steal this data and use it for commercial gains. In case you have a security breach, and data is stolen, your firm might lose a lot of money in lawsuits from clients.
4. Use stealth logins
One of the biggest concerns for accountants, when they need to outsource bookkeeping tasks, is third parties gaining access to the firm’s login details. This means a third party is a potential risk and can take clients’ details and misuse them. PMP (Password Management Protection) or Stealth Logins serve as a significant tool in preventing third party users from gaining access to the login details.
A stealth login encrypts your username and password, and during login, they are both masked, meaning an external user cannot see the details. With a stealth login, only users within a particular IP address can log in.
5. Be wary of IoT devices
More devices are now connected to the internet than ever before, and this increases the risks of data breaches and malware attacks. Today, most accountants use copiers, printers, mobile phones, tablets, and laptops are internet-enabled, and with most of these devices being used outside your firm’s secured servers, they become vulnerable to malware attacks. You must account for all the devices that are internet-enabled when you put cybersecurity protection in place. If one device connected to your network is infected, it can risk the entire network.
6. Obtain cyber insurance
Cybersecurity measures lessen your data breach risks but do eliminate them. You need protection in the event your network is hacked and client data compromised. Strong cyber insurance helps to protect you from the consequences that come with hacking such as ransomware, data loss, and other cyber-attacks. The cyber policy acts as digital insurance that covers any legal costs related to data breaches and other expenses such as computer forensics and credit monitoring.
It is important to educate yourself on the different types of cyber threats. For a large accountant firm, you should schedule seminars that will educate you and the other employees on how to detect and mitigate cyber-threats. Employees are usually the weak link that hackers target by sending them malicious links or attachments via email.
Hackers target accountants for the valuable data they have access to. As an accountant, you must be extra careful to protect client data. Downloading a VPN makes all the difference, as well as other measures such as storing data on the cloud, deleting all unused data and using stealth logins, which prevent third party vendors from misusing your data. IoT devices are a doorway used by hackers to infiltrate your network, which can lead to lawsuits, which you can mitigate by getting cyber insurance. Educating your employees on cyber threats will go a long way in reducing risks caused by human error.
Brad Smith is a technology expert at TurnOnVPN, a non-profit promoting a safe, secure, and censor-free internet. He writes about his dream for a free internet and unravels the horror behind big techs.