In March of 2017, Deloitte, one of the world’s four largest accounting firms, admitted to being the victim of a cyber security attack. The attack had started months before the company discovered it, and it compromised the records of many clients. Just five years before the attack, Deloitte had been ranked as the best cyber security consultant in the world. If a company like that can be attacked, anyone can. As the owner or manager of an accounting firm, you need a plan to deal with potential data breaches.
Incident Response Plan
Start by making sure you have an incident response plan in place, ready to go in the event of an attack. A good response plan should detail exactly what needs to get done as soon as you discover a data breach. First responses include taking all the computers offline and notifying the proper people to deal with the breach, either your in-house IT team or the outside IT firm in charge of your computer security. Your human resources and customer relations teams also need to be notified. The most important information to establish as quickly as possible is the exact nature of the breach, the extent of the damage, and who is responsible for it.
When creating your response plan, you may want to create responses for a few different levels of data breaches, with detailed response steps laid out for each type of breach.
Cleaning Up the Mess
After a data breach has been stopped, you need to devote your attention to cleaning up the mess. If information was lost, you need to start recovering it. That may require you to manually re-enter information from paper receipts or bank statements into your system. In extreme cases, you may need to do forensic accounting work that involves extensive examination and auditing of financial records to find lost data.
A basic step in preventing any more damage is changing all passwords. If you’ve lost bank account details or credit card numbers, contact those institutions and lock or close those accounts. Finally, put out a fraud alert on your personal and business credit reports, and consider signing up for credit monitoring.
Even if your company is not in the public eye on a worldwide scale like Deloitte, you may still have to deal with public relations issues. If the local press reports on the breach, be prepared to answer questions. Explain the steps you are taking to avoid future breaches, and most importantly, be ready to show what you are doing to minimize any exposure to loss for your clients.
If your customers’ data has been compromised, you need to tell them about the situation before they hear about it from somebody else. You might take a cue from other companies that have navigated these disasters successfully, and offer your clients free credit monitoring and identity theft protection. Acting quickly and straightforwardly is essential if you want to hold on to your clients and protect your brand image.
Preventing Future Attacks
After a cyber attack or a data breach, you need to step up security to protect your business. Make sure you’re using two-step verification for signing into accounts with sensitive information, and consider encrypting your data. Back up information to a secure cloud server or an offline hard drive to make sure you have copies of all information. Keep your antivirus software updated and monitor your systems for issues. You may want to consider hiring an IT security expert or working with a data security consultant to improve security.
As an accountant, you have lots of sensitive client information. As a business owner, you also have lots of sensitive information related to your employees and your business. You need to take steps to protect all your data, and in case a breach happens, you need to be ready to deal with it.