[IMGCAP(1)]Accountants handle sensitive client information on a daily basis.
In the normal course of business, clients may share invoices, tax records, personal bank statements, Social Security numbers and other sensitive data. Accountants often also wish to share documents with their customers. These everyday activities do not absolve professionals from their responsibilities to protect personal information. Accountants need to ensure client information remains secure and private.
There are two parts to that document security duty: maintaining confidentiality for documents in transit and ensuring their safety when at rest.
First, accountants must maintain confidentiality for documents in transit as they are being shared. A Social Security number being communicated over email may be intercepted or just routed erroneously and may get into the wrong hands, thereby exposing clients to serious risks such as identity theft. According to Javelin Strategy and Research, identity theft rose over 12 percent last year and affected more than 11 million victims.
Second, there’s the matter of protecting information at rest, as it resides on computer systems. Here, too, accountants face the risk of some malicious party penetrating their systems and getting to this data, or the risk of an even more benign scenario in which an employee accidentally sends information to the wrong person. According to research from Gartner, 84 percent of data loss incidents involve authorized parties distributing content externally.
Another related issue is that of enabling efficient communication between accountants and customers. When choosing a security solution, professionals may wish to consider providing easy, Web-based tools for information exchange that will supersede email and other tools that are not appropriate in terms of security, and also not ideal in terms of efficiency. Email, for example, is scattered all over customers’ inboxes. It is difficult to share large amounts of data, keep track of new documents, and be certain users are looking at the latest version of files.
Here are five questions to ask yourself to make sure you are secure:
1. Do I have adequate physical security in place? Keeping good security practices on computing equipment is as important as keeping these practices on physical cabinets and paperwork. Password-protect computers. Don’t write down passwords or keep them in obvious locations.
2. Do I have up-to-date firewall, anti-virus and anti-spyware software? As a baseline for security, accountants should make sure they have firewall, anti-virus and anti-spyware software. It is important to note that simply having these applications installed is not enough; one must make sure the software subscription is active and up-to-date.
3. Is everything backed up? A major cause of data loss and loss of productivity is hard drive crashes or accidental deletion of files. Every year, 43 percent of computer users lose irreplaceable documents and emails. Today, accountants can find easy-to-use online backup services that are affordable and do not require the cumbersome manual process of backing up to tape or DVD as in the past. With high-speed Internet connections, users can backup their entire machines within hours or a few days.
4. What happens if my notebook or iPad is stolen? For notebook and mobile device users, there is a risk of losing the machine or having it stolen. More than 750,000 laptops are lost or stolen every year, and 97 percent of them are never recovered. Worse than losing hardware is potentially losing the data stored on it. Accountants must make sure they have full hard drive encryption or volume encryption in place so documents are always encrypted. Various theft-deterrence services are also available, which allow users to remotely wipe or brick computers if they are lost.
5. Are the documents I am sending protected? Many accountants find it difficult to secure data that is shared over the Internet. Sending and receiving personal documents, Social Security numbers and other sensitive information over the Internet does wonders for productivity. However, it is risky and should not be done over insecure email. By using a secure online document-sharing service that offers tight controls over documents, accountants can exchange documents without the risk of them getting into the wrong hands. These solutions embed security into the documents and can keep full control over them at all times, restricting the ability to view, edit, print or forward them. They also make it possible to revoke documents if they were sent to the wrong party, or if the owner no longer needs the other party to have them. Keep an audit trail of all activities related to these documents: who opened them, where and when. This allows document owners to determine whether leaks have occurred and trace them back to their origins.
Clients must be able to trust their accountants with their most sensitive information. Earning that trust requires a responsible approach to document security. New tools can alleviate any risks of client data falling into the wrong hands, whether that data is at rest on an accountant’s machine or in transit between an accountant and a client. Take the time to check out the solutions available in the market and to make sure they are installed and up-to-date. Doing so not only ensures both the accountant and client’s peace of mind, but also increases productivity by streamlining communications and moving them into the digital age.
Moti Rafalin is CEO and co-founder of WatchDox, a Software-as-a-Service solution that enables the confidential sharing of important or sensitive documents in an easy and secure way.
Register or login for access to this item and much more
All Accounting Today content is archived after seven days.
Community members receive:
- All recent and archived articles
- Conference offers and updates
- A full menu of enewsletter options
- Web seminars, white papers, ebooks
Already have an account? Log In
Don't have an account? Register for Free Unlimited Access