Impressive advancements in technology are made daily, including an increase in the sophistication of cyber security threats. As cyber criminals continue to become more advanced in their approach, an ever-increasing challenge is posed to accounting firms in particular. To ensure client data is secure, it is essential that accounting firms are aware of the steps that should be taken to oppose cyber threats and keep these methods and systems up to date. Read on for an overview of the most important steps accounting firms should take to stay secure online.
Passwords
It goes without saying that passwords are one of the first things a cyber criminal will attempt to overcome when attempting to access sensitive financial information. This is also often the easiest thing to break through if firms have failed to take the necessary steps to keep passwords secure.
Passwords should be changed regularly, at least once every 30 days, and password combinations should be highly advanced. A mix of uppercase and lowercase letters, numbers, and special characters should be used to construct passwords. Passwords should under no circumstances contain guessable information including names, pets, locations, company names, or similar. Ideally, passwords will be a random assortment of characters.
These complex passwords should be stored on a secure password server and should not be written down or shared over company instant messaging apps or software. Taking these steps will go a long way in fighting off cyber criminals.
Personnel Access
Access to sensitive information should be strictly limited to authorised personnel. This access doesn’t stop at access to company systems and passwords; it extends to those who have access to hardware, and even building access. Stay wary of who has access to your company equipment — this could be engineers fixing broken laptops, or even maintenance workers entering the building to fix the water cooler.
Buildings containing sensitive information, or buildings containing hardware containing sensitive information, should have doors secured at all times, with access granted only to authorised personnel. This may look like putting locks on all office doors, with members of staff and strictly no other individuals being provided with electronic passes to pass through the building.
Ensuring personnel access is strictly monitored and maintained is essential to maintaining the safety and security of accounting information and goes a long way in ensuring data security for accounting firms.
Phishing Emails
All staff members should be properly trained to spot phishing emails or email impersonations. This is a very common tactic employed by cyber criminals to access your sensitive data, either by encouraging you to click a link or attachment which grants the sender access to your computer files, or by persuading you that they are an employee and requesting that you send them sensitive information.
Training all existing staff and putting new staff through such training before granting them access to sensitive financial documents will be instrumental in protecting accounting firms from cyberattacks.
Pro Drive IT are a Woking-based IT company providing a range of IT services including IT support, IT audits, strategy, and cyber security across Surrey and beyond. Our friendly team provides specialist, bespoke IT services that cover a range of business sectors, budgets, and use cases. Whether you need IT support in Surrey or you are based in London or across the South East, we can help.
