Six Tips for accounting firms

We all know tax season in Canada is around the corner, but this year will be special, we are in the middle of a global pandemic and most of us will try to arrange meetings with our accountants using collaboration tools such as WebEx, Zoom, or Microsoft Teams, just keep in mind the cybersecurity best practices when you send sensitive information over the internet. Cybercrook will try to get an advantage of this situation, that is why the Canadian Centre for Cyber Security has issued an alert to the CPA, they have seen an increase in phishing and malware attacks on accounting firms, they need to be vigilant to protect their customer personal information.

If you happened to be an accountant, you know that email is one if not the most important business communication tool, but at the same time you need to be aware that email remains the #1 Vector of attack, 90% of breaches occur via email, and cloud email platforms like Microsoft 365 don’t necessarily have security that can keep up. Be vigilant of phishing attacks and suspicious emails. Always confirm with your clients if they really send you those files.

Now how can you secure your accounting firm?

1. Adopt an email solution with deep file inspection, like the ones that come with Office365, Gsuite that you pay the provider bases on a monthly recurrent cost, or get an external one like Secure Email.

2. Implement DSN Layer security, is easy to do with tools like Cisco Umbrella that can stop attacks before they reach your network.

3. Implement two-factor authentication (2FA) like Duo on all internet-facing remote access services, starting with perimeter security devices such as Firewalls and remote access gateways for teleworkers, VPN, and administrators.

4. Adopt an antimalware, antivirus that can protect your endpoints in realtime and take an action if needed. A good example will be Secure Endpoint, formerly know as (AMP).

5. Assess your networks for the presence of vulnerable software, particularly where it is installed on devices exposed to the internet, and patch as soon as possible to the latest version, if you don’t know how to do it, hire a professional that will do it for you.

6. Make sure the files containing your client information are stored in a secure location, password-protected, and not exposed to the internet.

If you follow these steps and adopt every layer of security, you will be ahead of the cybercriminals, able to concentrate on what really matters, and doing what you do best, growing your business!

Was this information useful to you? consider subscribing to our newsletter and get relevant up to date information on how to make a secure digital transformation for your business.