2017-11-28 00:00:00 Firm Management English Learn what to do if your accounting firm suffers a data breach, and how to avoid being the victim of a cyber attack. https://quickbooks.intuit.com/ca/resources/ca_qrc/uploads/2017/12/Team-Brainstorming-About-Data-Breaches.jpg https://quickbooks.intuit.com/ca/resources/firm-management/respond-data-breaches-accounting-firm/ How Accounting Firms Should Respond to Data Breaches

How Accounting Firms Should Respond to Data Breaches

3 min read

Is your business prepared to handle a data breach? As an accountant, you know how to protect your clients’ finances by advising them on making important financial decisions, but you may not put as much thought into protecting their financial data stored in your accounting system. While a breach in your system puts your clients’ sensitive data at risk, it also puts the reputation of your business at risk. Learn how to respond appropriately to a data breach.

Data Breach Incident Response Plan

An incident response plan guides your actions in the event of an attack, detailing exactly what you and your team need to do as soon as you discover a data breach. Your first response to a security breach should include taking all the computers offline and notifying the proper people to deal with the breach, whether it’s your in-house IT team or the outside IT firm in charge of your computer security. You should also notify your human resources and customer relations teams immediately. It’s important to find out the exact nature of the breach, discover the extent of the damage, and determine who’s responsible for the breach as quickly as possible.

When developing your response plan, it’s a good idea to write up responses for various levels of data breaches, laying out detailed response steps for each type of breach.

Cleaning Up the Mess After a Data Breach

Once you’re sure the data breach is stopped, you can enter into cleanup mode. If you lose information during the breach, this is the time to start recovering it to protect the integrity of your files. You may need to re-enter information into your system manually from paper receipts or bank statements. Cases of an extreme security breach may require forensic accounting work, which involves extensive examination and auditing of financial records to find lost data.

A basic step in preventing any more damage is changing all passwords. If you misplace bank account details or lose credit card numbers, it’s a good idea to contact those institutions to have the accounts locked or closed. Finally, you might put out a fraud alert on your personal and business credit reports or consider signing up for credit monitoring.

Handling Public Relations

Even if your company isn’t in the public eye on a worldwide or even nationwide scale, you may still have to deal with public relations issues related to the security breach. If the local press reports on the story, be prepared to answer questions. Explain the steps you’re taking to avoid future breaches, and most importantly, demonstrate what you’re doing to minimize any exposure to loss for your clients.

Dealing With Customer Relations

If the breach results in compromised customer data, it’s imperative that you tell them about the situation before they hear it from someone else. Look into companies that have successfully navigated these disasters in the past for a cue on an appropriate response. Consider offering your clients free credit monitoring and identify theft protection. By acting quickly and exercising honesty, you may hold onto your clients and protect your brand image.

Preventing Future Attacks

When your business suffers a cyber attack or a data breach, consider it a sign that you need to step up security to protect your business and clients. Using two-step verification for signing into accounts with sensitive information is a good basic security step. Consider encrypting your data as an additional security feature. You can ensure you have copies of all information by backing up information to a secure cloud server or offline hard drive. It’s also important to keep your antivirus software updated and monitor your system for issues. Hiring an in-house IT security expert or working with a data security consultant can help to improve data security within your business.

As an accountant and business owner, you have a lot of personal client data and sensitive information related to your employees and your business. You need to take steps to protect all your data, and in case a breach happens, it’s important that you be ready to deal with it. Using a secure, reliable software program is a good start. QuickBooks Online Accountant offers powerful tools for accounting professionals. Sign up for free.

Information may be abridged and therefore incomplete. This document/information does not constitute, and should not be considered a substitute for, legal or financial advice. Each financial situation is different, the advice provided is intended to be general. Please contact your financial or legal advisors for information specific to your situation.

Related Articles

How to Start a Law Firm

Starting a law firm can be a rewarding next step in your…

Read more

What is EBIT and How to Calculate It

EBIT is Earnings Before Interest and Taxes. It reports a firm’s earnings…

Read more

Should you get a small business line of credit? Pros & cons (plus, 10 questions to ask)

Cash is king. You need cash to operate your small business, and…

Read more