7 ways to keep client data secure

Published
  • May 21 2017, 6:44pm EDT
Accountants and tax professionals are responsible for a vast amount of their clients’ financial information – and as hackers proliferate and become more sophisticated in the methods they use to steal that information, it’s more important than ever to protect it.

With that in mind, Nastassja Tejada, head of sales in the Accountant Advisor Program at online small-business lender OnDeck, suggested these seven tips for protecting your clients’ data, whether they’re individuals or businesses. (A text version of these tips is available.)

<P>

Accountants and tax professionals are responsible for a vast amount of their clients’ financial information – and as hackers proliferate and become more sophisticated in the methods they use to steal that information, it’s more important than ever to protect it.

With that in mind, Nastassja Tejada, head of sales in the Accountant Advisor Program at online small-business lender OnDeck, suggested these seven tips for protecting your clients’ data, whether they’re individuals or businesses. (A text version of these tips is available.)

1. Audit your data protection practices

Don’t wait for a data breach to take your security protocols seriously. An annual review of your systems by an outside firm is a good best practice for professionals who regularly handle sensitive information. And if you make your clients aware that you are doing this on an annual basis, it becomes additional value and security your clients will enjoy when they work with you.

Content Continues Below

2. Make sure your clients know about e-mail security

If your clients are e-mailing you financial information, make sure they are aware that email might not be the best way to share sensitive data. When an e-mail is sent it stops in several locations (or servers) before it hits your inbox, so without encryption, hackers can intercept the e-mail. This gives you an opportunity to develop a system that is secure for both you and your clients.

3. Don’t ignore physical security

If your computer network is secure, but your staff isn’t careful about walking away from a computer with files open, those files are at risk. Something as simple as putting computers to sleep with a password when no one is at the desk is an easy first step. Other physical security, like keeping locks on doors leading to any sensitive files, cable locks on computers to ensure they are locked to the desk, and keeping desks clean and tidy so that information can’t be misplaced or picked up by the wrong hands are other things you can do to avoid the theft of sensitive data.

4. Is your WiFi secure?

Make sure your WiFi network is secured with strong passwords and encryption protocols. It’s also a good idea to keep guest networks completely separate from your internal network.

Content Continues Below

5. Are you files regularly backed up?

If your computers suffer from a virus or malware attack, you can recover lost data if you conduct regular backups. Regularly backing up critical client files is a good best practice, and could be considered insurance against a hacker attack.

6. Prohibit employees from accessing client data on their personal computers

It’s just not a good idea for employees to use their personal devices to handle client information and can be a huge security concern. While there are policies you can put in place to limit the security vulnerabilities this may cause, it might be a better approach to simply keep all client data on your firm’s computer devices.

7. Encourage your clients to take an active role in monitoring their data security

A good first step is to make sure they understand the credit bureaus and how important it is to regularly monitor what is being reported about them and their businesses. It’s not uncommon for the public record to include mistakes, and regularly monitoring their credit will allow your clients to find evidence of identity theft earlier, rather than later.