People share everything online with total strangers–what they had to eat, where they were every waking minute of the day, their thoughts, their work and school history, and pictures of relatives, pets, and children. People may need to realize how that information can put their business at risk.
How often do you remember people saying their Facebook account has been hacked in the last five years? Hackers know that people tend to use the same password over multiple platforms. Hackers can steal passwords from minimum security sites like social media to hack into more secure employer systems.
Then, there are phishing scams, malware, and fraudulent phone calls asking for personal information. The criminal element seems tireless in finding a payday at your expense. This is why having a company-wide cyber-security strategy is essential to maintain your clients’ privacy.
Make Sure Everyone Is On The Same Page
The most essential step in any security strategy is ensuring everyone in your employ follows the same protocols. Your security is only adequate if it’s in place on all systems. So, talk to your employees about your strategy, why it’s necessary, and common ways scammers trick people into bypassing employer-mandated security so everyone understands the risk.
- Have separate passwords for your work and private accounts.
- Don’t open attachments on emails from people you don’t know.
- Pay attention to the sender’s address. If it looks off, don’t open the email.
- Feel free to verify the information by calling the company’s main number rather than taking the email or caller at their word before giving out personal information.
- Don’t use personal cell phones or computers when there is a company option.
Articulate Communication Guidelines and Post Them In A Public Place
Make certain your employees understand what types of communication are secure. For example, emailing a client for a social security number poses a serious risk. On the other hand, having the client fill out forms on encrypted business document management software keeps their social security number safe. Using these document collaboration tools also saves the client a trip into the office as they can upload documents securely from their home or office rather than trusting the mail.
Use Two-Factor Authentication
It’s a common complaint that you need multiple authentication checkpoints before entering certain sites. It may feel like a hassle, especially when you forget your phone in the car, but the reality is that two-factor authentication works. A hacker not only needs to figure out the user’s password, but they would also need your employee’s phone, fingerprint, or PIN. It’s an extra layer of protection for your company and your clients’ financial information.
Regulate The Use Of Company Gadgets
If you or your staff uses a company computer or cell phone to access secured data, no one should download anything onto the hardware that hasn’t been pre-approved. If you have employees working from home, this gets more complicated. The best option at that point is to have them access secured information via cloud-based accounting practice management software. That way, the security is in the program rather than on the computer.
Make Backups
If malware crashes your system, you need access to all of your data. Backups on a remote server or cloud-based software in addition to your files will give you peace of mind. This is most effective if the system backs itself up automatically so you always have the most recent and accurate information on all copies.
Consider A Security Audit
There are companies you can hire to test your security so you know where you need to shore up your defenses. This is particularly important when you have remote offices and people are using their home computers.
Destroy Unneeded Data
Like many other industries that deal with client information, accountants must keep closed files for a specific time before destroying them. Once that time has passed, you need a secure system for destroying old records for good.
Use Strong Passwords
It’s easy to remember a pet or child’s name, which is why many people use such passwords. They are also likely to use words that relate to the function, like “Admin1234.” Hackers tend to be smarter than we’d like and adept students of human nature. They look for weak passwords based on common behaviors. Choosing a strong password that is harder to crack may stump them. Use complex words, mixing capital letters, special characters, and numbers.
Example: Password vs. P4$$w0rd!
Update Security Regularly
If you’re using cloud-based software, then your system will update automatically. If you buy software for your computer, you may need to download updates. Security companies update software as they discover new threats, so it’s important to always stay current.
Hopefully, these tips have made you consider your online security for your personal accounts and your business. Establish or revamp your cyber security protocols to ensure your clients’ data is safe.
Video
Infographic
People share a lot of personal information online, which can risk their privacy. Cybersecurity threats like phishing scams and malware make it important to have a company-wide cybersecurity strategy to protect clients’ privacy. Discover nine essential cybersecurity strategies in this infographic.