The probability is much higher that an employee’s workplace will offer a level of data security that he or she can’t afford to have at home.
Today though, the question of data security for accounting teams has grown more importantthan ever. The daunting pandemic of 2020 has led to having more employees working fromhome. Due to this drastic shift in the working patterns, the need for reliable data security for accounting firm owners – who have opted for global outsourcing for increased capacity and efficiency – to protect their clients’ information from cybercriminals looking to steal identities and financial information has become a real one.
The data shows that employees who work from home can present greater data security risks. Here’s why:
- They may not have the same level of IT security at home as they do at work.
- Home devices tend to have multiple users who may be downloading unsafe programs hidden in software, movies, and browser extensions.
- Home computing security practices tend to be more lax. For example, many people save passwords in browsers or key chains on their personal devices.
What can be the Solution?
A 360-Degree Approach to Cybersecurity
A 360-degree approach to cyber security suggests factoring in all aspects of security, whether you’re global team members are working in the office or at their dining tables.
“You’re only one accidental click away from an incident. Cybersecurity involves a holistic approach to people, process, and technology in the given order.”
Now, let’s take a closer look at these approaches and understand how they can be strengthened to protect data.
1. Educate your Employees on Data Security
Information security solutions provider Shred-it published its 2019 Data Protection Report, which suggests that more than half of business executives who reported a data breach cited the main cause as human error.
Hence, arming your staff with the knowledge they need to protect your information is a good place to start from.
Upon hiring, Relig’s team members undergo a mandatory security and compliance training course, and receive a briefing and review of Internet and physical security protocols.
For extra peace of mind, consider asking your team members what they covered in their security training. Their answers should include malware, phishing, password management, data breach threats, and secure document management.
At Relig, team members adhere to a clean-desk policy.
2. Physical Security Measures – On-site and at Home
On-site, CCTV cameras and security guards keep a constant watch on who comes in and out of the building and whether an unauthorized person may be heading to the server room. This can quickly help prevent trouble before it occurs.
At Relig, team members are trained to keep their mobile phones, flash drives, and any other portable storage device in their locker while they’re working on-site. They are also instructed to follow a clean-desk policy, where documents that contain confidential information are not to be left out in the open, and they must shred any paper that reveals sensitive information.
If a team member has to work from home, the same computer/equipment that he or she uses in the office gets delivered to them to be used for their client. Thus we make sure that their Relig equipment is under the same controls and access to support staff as if it was in the office.
This includes computer security applications such as anti-virus and controls, and specific work-from-home policies.
It’s a good practice for team members working from home to also maintain a clean desk at their at-home workspace and to keep any confidential documents locked in a drawer or other secure place.
3. Data Backup – Cloud Computing
A cloud computing service can back up access management and ensure you don’t lose configuration and set-up information.
Relig, for example, uses Microsoft Azure, and employs an offshore specific cloud security tool that geo-locks cloud data to a facility and hides passwords from users.
Relig also centrally manages PC/laptop access and equips staff with Office 365 accounts, which has redundant data backups, data privacy, compliance adherence, and centralized management of access.
A Single Sign-On solution across all of your support employees will allow you to restrict or grant access to multiple applications with a click of a button on their device.
4. Network Security Monitoring
A network security monitoring system detects and responds to intrusions on computer networks.
A good system includes a physical hardware firewall, an intrusion detection system, IPS failover and load balance (the process of distributing network traffic across multiple servers), multiple layer security authentication for remote logins, and bandwidth management ensuring that system prioritizes the applications and services required for a user’s productivity, to name a few.
These measures can limit remote computers from accessing non-authorized services and identify what takes up a lot of bandwidth on the local network address and website IP.
5. Business Continuity
Arson, accidents, natural disasters, a major network failure – while few people want to really think about these things, bulletproof security for a global team considers a business’ vulnerable areas, the effects of potential disasters (from a few days to a few weeks), and puts a plan in place that addresses critical functions and vulnerabilities, so the business can keep functioning.
Relig has business continuity management in place to protect critical business processes and provide alternate ways of working so staff can deliver an acceptable level of service during unforeseen events.
Tip: Accounting firm owners can include security cameras in their data-protection arsenal, like this one at Relig.
Conclusion and Next Steps
A 360-degree approach to data security helps provide bulletproof protection as owners of accounting firms work with a global team. The key areas to pay attention to are employee education, physical security, data backup, network security monitoring and business continuity.
Relig takes its clients’ data security seriously. So seriously, in fact, that part of our clients’ on boarding process includes a technology assessment that involves:
- An analysis of any security gaps in systems and an understanding of the right tools and practices to demonstrate due diligence to firms and prevent illegal access to their data.
- A speed test and analysis performed between local systems and the India office (where global team members are located) to ensure global teams have fast access from Day 1.
- A strong understanding of the best practice collaboration and communication tweaks to engage and include new team members online.
- Access to the tools that smart accountants are using globally to train team members and a build a process for the future.
If your aim is to build a global team to increase your capacity and efficiency in a secure IT environment, then request a Free discover call for your firm now. The link to schedule the call is in the link below.
We’ll work with you to understand your situation and objectives, then map out a staged plan for hiring the talent you need in the right order so you can enable continuous growth!