0
DAYS
0
HOURS
0
MINS
0
SECS
Over 3.2 million customers use QuickBooks.
Sign up for a free trial!
2017-12-19 16:14:56Accounting FirmsEnglishAs an accountant or financial advisor, you have a responsibility to make sure your clients' data is secure. Here are 6 ways you can. Learn...https://quickbooks.intuit.com/au/resources/au_qrc/uploads/2017/12/Headline-Image-Final-2.jpgdata securityHow to Protect Sensitive Client Data | QuickBooks Online

Data security: Is your clients’ information safe?

3 min read

The threat from cybercrime on the global economy is on the rise, with cyberattacks growing in number and sophistication. While any business in any industry should be mindful of the risk, accountants and financial firms in particular need a data protection plan in action. With a wealth of sensitive client information, such as valuable financial data, it’s their responsibility to make sure client data is protected and secure.

Learn how to keep your clients’ data secure and your business safe with these critical actions.

1. Protect against malware

Malware includes viruses and ransomware, which blocks access to or encrypts a victim’s data while the perpetrator demands a ransom to restore access. A major threat to small business owners, malware can infect your email, web, and server applications through any device, including tablets and smartphones.

The Australian Cyber Security Centre (ACSC), the country’s official cybersecurity protection agency, warned in its 2017 Threat Report that ransomware and sophisticated, personalised phishing attacks are on the rise.

To protect your business from malware attacks, equip all computer devices, including portables, with basic security protection, including firewalls and up-to-date anti-virus protection. And it doesn’t end there – make sure all devices have the latest software and app upgrades to fight off the most recent malware. If you use USBs to share data, make sure they come from a secure source, and only log on to a secure Wi-Fi connection.

2. Encrypt your records

Encryption software will scramble confidential customer information, making it unreadable to anybody without the decryption password. This not only provides another layer of security in case of a breach, but reduces the risk of potential threats from inside your organisation by limiting password access to particular employees.

3. Make passwords strong and secure

Password-protect all office computers and devices, and limit access to the people who use that device. Remember, weak passwords are easy for criminals to guess, so make sure they have a mix of upper- and lower-case letters, numbers and symbols, and change them regularly. Make sure passwords are updated when an employee leaves the business, to protect against theft or other harmful activities by unhappy ex-employees.

4. Set up two-factor authentication

To access most servers and networks you need a username and password. Two-factor authentication adds another form of verification, like a unique code sent to another device that you need to input to allow access. The technology is straightforward to implement and, with this added layer of security, knowing a victim’s password alone isn’t enough for a cyberattack. Some accounting software, like QuickBooks Online, use three levels of permissions to help manage who can access sensitive information.

5. Have a clear data security policy

Do your employees know your data security policy? Clear rules should be established for using IT systems aligned with your organisation’s security settings. These would specify prohibited activities, such as sharing passwords, and what can and can’t be said or shared on corporate social media accounts.

6. Create a data breach response plan

Having a formalised and up-to-date data breach response plan outlining the roles and responsibilities when responding to a cyberattack could mitigate the fallout. The Office of the Australian Information Commissioner (OAIC) offers a guide on what to include in your plan. Taking out an insurance policy against cybercrime could also help minimise the cost of a hack.

Advisory businesses are entirely built on trust, and just one instance of compromised information could damage your reputation and your relationship with clients. So make sure you take cybersecurity seriously, starting with these simple steps today.

For more advice for accountants, check out these resources.

Rate This Article
Information may be abridged and therefore incomplete. This document/information does not constitute, and should not be considered a substitute for, legal or financial advice. Each financial situation is different, the advice provided is intended to be general. Please contact your financial or legal advisors for information specific to your situation.

Related Articles

FAQs on QuickBooks Online Accountant End of Life

Older versions of QuickBooks Online Accountant were discontinued starting December 3 2015. If you…

Read more

Post-conversion: moving to QuickBooks Online

Moving to a new QuickBooks Online data file is quick, easy and…

Read more

How to protect your small business

Running your own business isn’t a walk in the park. With all…

Read more