Is Your Data Secure? A Cybersecurity Checklist for Accounting Firms

Is Your Data Secure? A Cybersecurity Checklist for Accounting Firms

As data moves from client to firm and vice versa, it needs to be protected in transit and on the devices being used to access it, whether it’s your employee’s laptop or smartphone. In addition, your firm’s employees may need to receive and access that data digitally. While sharing documents via the cloud can make it easier and faster for everyone involved, it does add an additional layer of risk in exposing client data.  Also, a frequently forgotten channel of communication that needs to be protected is mail. As a conduit for important documents, it also requires a unique set of security practices.

Protecting client data is an ongoing challenge especially due to the varied ways your clients wish to provide documentation and access to their data. Considering all of this, here’s a checklist to get you started on ensuring client data is safe and secure, no matter how it’s being shared or accessed.

  1. Conduct an annual cybersecurity audit and assessment.  Preferably, this should be done by an outside firm and done annually. Expect the firm to review things such as password policy, privacy policy, agreements with vendors and contractors, data backup, and disaster recovery plans and network security. 

  2. Review every phase of your business processes, whether it’s client onboarding or a standard service such as filing taxes on behalf of your clients.  Review which employees are involved in the various stages and ensure that you have security guidelines in place at every step. You’ll want to ask:

    • Has each employee been required to review and agree to your company’s policies for accessing and sharing company data?

    • If employees are aware of your BYOD (Bring Your Own Device) policy? (And if your BYOD policy is comprehensive.)

    • Does your IT require that passwords are changed regularly? 

  3. Review the security policies of any cloud-based apps or premise-based solutions your firm is using to ensure that:

    • Vendors and providers are PCI compliant

    • Each cloud-based provider you are using ensures business continuity whether there is an outage or disaster

  4. Protect data on premise. A network firewall should be installed, updated, and tested annually. Firewalls prevent unauthorized users from accessing your network by filtering incoming and outgoing traffic and data based on a set of rules. They also provide an additional layer of security that can make it more challenging for hackers to make a malicious attack on your network.

  5. Mail can be at risk of a physical breach of your mailbox or run the risk of getting misplaced or damaged in your office. Once you’ve set up cloud security, consider moving your mail and important documents into the cloud as quickly as possible. When choosing document management providers, be sure to dig into their security policies. 

A final tip: if you’re still unsure of where to start, or want additional information, search for a reputable cybersecurity auditing firm in your local area. Ask for a list of customer references you can call to find out what their experience was with that firm or look for customer reviews or ratings on their Facebook page. This allows you to get more familiar with the different approaches that you can take to protect your business and client data. Three things to ask for are quotes and approaches around: cybersecurity audit, updated plan, and annual support. 


new-postcard

Find out more with The Postcard

Subscribe to get updates, special offers, and more!

invisible

Access postal mail anywhere with a virtual MailBox

sidebarCta

Get your physical mail professionally scanned and ready to view on any device

new-postcard

Find out more with The Postcard

The Postcard, our monthly email, keeps you updated on new products, event invites, virtual mailbox tips, and special promotions.

invisible

Related Posts

Productivity Tips While Working From Home

Productivity Tips While Working From Home

Many of us are working from home these days and have been for quite some time. As the outlook for remote work looks like it will last for a while, we wanted to examine best-practices for staying productive under these conditions.

By Gwen Murray

January 6, 2021

Keeping Your Postal Mail Safe and Secure: A Look Into Our Security Practices

Keeping Your Postal Mail Safe and Secure: A Look Into Our Security Practices

The security of your postal mail is crucial. A few pieces of paper can hold significant amounts of private information and personal data.

By Casey Shaeffer

August 28, 2020

Virtual Mailing Address to Register Your Business

Virtual Mailing Address to Register Your Business

About 50% of all small businesses in the United States are home-based businesses. They come in every shape and size — from landscape designers freelancing out of their garages to a 30-person app development firm with employees all over the country and no

By Mike Brown

May 29, 2020

Join thousands of customers!