If you are an accountant and commit any of the following, you are risking your business and your clients' finances. If you hired an accountant or tax practitioner, make sure they are keeping your data secure, or you will be the one bearing the consequences.
Sin #1: Not encrypting your computers and mobile devices
The accounting firm of JCB (name changed to protect privacy), CPA suffered a data leak because two computers were stolen from his office. JCB is not alone. Thefts specifically targeted computers and backup data drives at the offices and homes of accountants. One in four breaches in the financial services industry result from lost or stolen laptops and other mobile devices.
This vulnerability can be easily closed out using the built-in encryption capabilities of Windows and Mac computers, as well as iPhones and Android devices. Click here to download step by step instructions.
Sin #2: Sending sensitive paperwork over email
Email (sending to or receiving from clients) accounting and tax paperwork is extremely risky. Your bank nevers emails your statement because email is not secure.
Email data can leak in many ways:
- Account Hacking: The accounting firm of Chiorini, Hunt and Jacobs recently had their email hacked, leaking customer data including tax returns, W-2s, 1099s, health plan 1095-As, and direct deposit bank account information.
- Re-routing: An employee email account personal finance planning service Aperio had its emails rerouted to an attacker account. The re-routing happened simply due to a rogue click on a phishing link.
- Snooping: Email data can be easily copied as it travels without encryption over the network. Research investigations of over 700,000 email servers have found that most servers have loopholes that attackers can exploit to bypass encryption.
You can protect your business using a secure email alternative. Click here to download step by step instructions.
Sin #3: Not backing up data
Computers at Moore Business Solutions of Greenville, NC were infected with ransomware last December but nothing was suspected until tax filing season began. An average of 4000 ransomware attacks hit home and business computers every day in the US, according to the Department of Justice. Paying the ransom money does not guarantee you will gain access to your data.
A remote backup is the best defense against ransomware. Click here to download step by step instructions.