(800) 931-6557
(800) 931-6557
ASP
  • Home
  • Accounting
    • FAQ
  • Recruiting
    • Recruiting Team
    • Recruiting Process
    • Recruiting FAQ
  • Openings
  • Oregon
  • Washington
  • Colorado
  • About
    • Clients
    • Testimonials
    • Diversity, Equity and Inclusion
    • Resources
    • Submit Resume
  • Contact
  • Payments
  • Blog
  • Home
  • Accounting
    • FAQ
  • Recruiting
    • Recruiting Team
    • Recruiting Process
    • Recruiting FAQ
  • Openings
  • Oregon
  • Washington
  • Colorado
  • About
    • Clients
    • Testimonials
    • Diversity, Equity and Inclusion
    • Resources
    • Submit Resume
  • Contact
  • Payments
  • Blog

​In Pursuit of Profit

Read our expert article below or sign up to get articles sent to your inbox.​

8/19/2021

Comments

Best Practices: Accounting and Cyber Security

 
Accounting and cyber security
​This summer, the IRS began urging tax professionals to increase their security measures amid a storm of increased cyber-attacks. Through the first half of 2021, cyber-attacks against tax professionals had already outpaced the annual numbers for 2020 and 2019. And tax pros are not alone.
​
Cyber security has become a hot topic among all financial professionals over the last year as security attacks against businesses and individuals soared during the pandemic. Michael Cohn explains the recent rise in security threats when he says, 

Identity thieves and fraudsters were particularly busy last year and this year taking advantage of the COVID-19 pandemic as many tax pros worked remotely from home and their firms were forced to lower their cyber defenses. The economic downturn also served as fuel for a variety of scams and schemes to steal money and identities.
So, how do you keep your financial data secure? 
Follow these best practices to keep your accounting-related information safe:

Following Security Basics
Security best practices are important in all areas of the business, but are especially vital in areas where accounting automation is considered. The scary truth is that while cyber attacks have risen uncharacteristically over the last year, they are unlikely to fall back to the pre-pandemic “normal” moving forward because criminals have now found new ways to exploit the vulnerabilities of remote work and will continue to do so as long as companies leave the door open for them.

Every company, regardless of size or industry, should be following basic security best practices like:
  • Requiring strong passwords
  • Changing passwords often
  • Requiring multi-factor identification
  • Setting access levels for employees
  • Maintaining access logs
  • Encrypting sensitive information that is being stored
  • Installing anti-virus software on all devices
  • Working behind a firewall
  • Implementing a VPN
  • Running regular data backups

These precautions help keep unauthorized people out of the business to keep value in and should be implemented regardless of the current risk level.

Separation of Duties
In accounting, a separation of duties is typically recommended to reduce fraud risk. However, a separation of duties can also improve cyber security because it distributes the company’s financial information across multiple employees, reducing the damage that can occur if someone’s login credentials or device gets compromised.

When one person controls everything from invoices to bank account information to payroll, this poses a huge risk if that person falls victim to a cyber-attack. However, if these roles are spread out, a cyber attacker cannot gain access to as many areas of the business, creating a safeguard against the kinds of widespread attacks that bring down an entire organization.

Ongoing Education
As technology has evolved, cyber-attacks have followed suit, which means that today’s biggest threats were unheard of a decade ago (and in some cases, even a year or two ago). Staying abreast of the latest cyber threats is the best way to protect your company against financial data breaches.

When it comes to cyber security, you are only as strong as your weakest link, which means that if employees are ignorant to the types of threats that could be coming, they are more likely to fall victim to them and the organization will suffer as a result. Ensure someone within the organization is paying attention to the types of risks that your business is facing and communicate these risks with your employees at large.

Depending on the nature of the threat, you may want to try testing your security protocols to discover where weaknesses exist. For instance, many IT departments make it a practice to periodically test a fake phishing scheme to see if they can get employees to click on links in faux malicious emails or provide information that they should not be sharing. These types of tests indicate where there is a greater need for education and preventative measures to keep the company safe.

Implementing Company Policies
It is now widely accepted that remote bookkeeping and accounting (as well as many other positions) are here to stay. Subsequently, the security challenges that remote work poses will need to be managed long-term.

Creating company policies and communicating them with staff and vendors is a key security management strategy to ensure everyone is on the same page. Clearly identify what is and is not allowed when it comes to company data, especially across gray areas like working outside of the office in public or accessing information from personal devices. Ensure employees know where to go with questions and how to report issues they encounter to help prevent security threats from coming to fruition.  

Vendor Management
The measures outlined above are important steps to take in protecting your company and your customers, but they are not the be all end all of security precautions. Remember, you can do everything right internally and still become a victim of a cyber attack because of a vendor’s vulnerability.

Understand who has access to what information, both internally and externally. Pay particular attention to your bookkeeping company or outsourced accountant, software providers, web hosting platform, and other partners that may have access to your most sensitive data. Manage access to information across employees, third party contractors, consultants, vendors, and partners and only provide access to what is absolutely necessary. Additionally, make sure you know what is being done with information that is shared externally – who else has access to it, how it is being stored, and how it is being transmitted.

Looking for more ways to develop your accounting department? Check out one of our most popular articles: How to Improve Your Accounting Department in The Next 3 Months
Comments

    SUBSCRIBE:

    DOWNLOAD:

    The Ultimate New Business Formation Checklist

    DOWNLOAD:

    Accountant Evaluation

    Categories:

    All
    Accountant
    Accounting
    Accounting Systems
    Audit
    Bank Reconciliation
    Benefits
    Bookkeeper
    Bookkeeping
    Brand
    Budgeting
    Business Analysis
    Business Trends
    Cash Flow
    Change Management
    Checklist
    Closing The Books
    Colorado
    Community
    Contracts
    Controller
    Depreciation
    Ecommerce
    Economy
    Finance
    Fraud
    Government
    Hack
    Hiring
    HR
    Infographic
    Internal Controls
    IRS
    Laws
    Leadership
    Legal
    Local Economics
    Manuals
    Market Trends
    News
    Nonprofit
    Online Bookkeeping
    Oregon
    Outsource
    Payroll
    Payroll Taxes
    Planning
    Procedures
    QuickBooks
    Record Keeping
    Recruiting
    Recruiting Market Reports
    Remote Workforce
    Reporting
    Restaurants
    Risk
    Sales Tax
    Scam
    Security
    Small Business
    Social Media
    Software
    Startup
    Statistics
    Strategy
    Taxes
    Technology
    Time Management
    Washington State

    Archives:

    March 2023
    February 2023
    January 2023
    December 2022
    November 2022
    October 2022
    September 2022
    August 2022
    July 2022
    June 2022
    May 2022
    April 2022
    March 2022
    February 2022
    January 2022
    December 2021
    November 2021
    October 2021
    September 2021
    August 2021
    July 2021
    June 2021
    May 2021
    April 2021
    March 2021
    February 2021
    January 2021
    December 2020
    November 2020
    October 2020
    September 2020
    August 2020
    July 2020
    June 2020
    May 2020
    April 2020
    March 2020
    February 2020
    January 2020
    December 2019
    November 2019
    October 2019
    September 2019
    August 2019
    July 2019
    June 2019
    May 2019
    April 2019
    March 2019
    February 2019
    January 2019
    December 2018
    November 2018
    October 2018
    September 2018
    August 2018
    July 2018
    June 2018
    May 2018
    April 2018
    March 2018
    February 2018
    January 2018
    December 2017
    November 2017
    October 2017
    September 2017
    August 2017
    July 2017
    June 2017
    April 2017
    March 2017
    February 2017
    January 2017
    December 2016
    June 2015
    February 2013
    October 2012
    November 2011
    May 2011



    RSS Feed

Services

Accounting Services
Recruiting Services

​

Company

About
Oregon Team
​Washington Team
Colorado Team
Clients


Support

Contact
CC
FAQ
​Resources
​Blog
​

ASP

Your resource for accounting & recruiting services. Serving Seattle, Bellevue, Redmond, Kirkland, Portland, Beaverton, Hillsboro, Lake Oswego, Denver, Lakewood, Aurora and more.
Contact us today for a free,
no-obligation consultation:
Toll Free (800) 931-6557
WA (425) 492-1901
OR (503) 473-0122
​CO
(720) 572-8211
info@asp-nw.com
© COPYRIGHT ASP - ALL RIGHTS RESERVED 
 A CFO Selections Company
Privacy Policy