It’s likely an employee’s workplace offers a level of data security he or she doesn’t have at home.
Data security for accounting teams has never been more important. More employees have been working from home because of the COVID-19 pandemic and accounting firm owners who are using global outsourcing to increase their capacity and efficiencywant to ensure their — and their clients’ — information is safe from cybercriminals looking to steal identities and financial information.
Employees who work from home can present greater data security risks, according to Practice Protect. Here’s why:
- They may not have the same level of IT security at home as they do at work.
- Home devices tend to have multiple users who may be downloading unsafe programs hidden in software, movies, and browser extensions.
- Home computing security practices tend to be more lax. For example, many people save passwords in browsers or keychains on their personal devices.
A 360-degree approach to cybersecurity
A 360-degree approach to cybersecurity means factoring in all aspects of security, whether your global team members are working in the office or at their dining room tables.
“You’re only one accidental click away from an incident,” says Ben Fisher, chief information officer at TOA Global. “Cybersecurity involves a holistic approach to people, process, technology … in that order.”
Let’s take a closer look at these approaches and how can they be strengthened to protect data.
1. Employee education – teach staff about data security
Information security solutions provider Shred-it published its 2019 Data Protection Report, which suggests that more than half of business executives who reported a data breach cited the main cause as human error. Arming your staff with the knowledge they need to protect your information is a good place to start.
Upon hiring, TOA’s global team members undergo a mandatory security and compliance training course, and receive a briefing and review of Internet and physical security protocols.
For extra peace of mind, consider asking your global team members what they covered in their security training. Their answers should include malware, phishing, password management, data breach threats, and secure document management.
At TOA Global, team members adhere to a clean-desk policy.
2. Physical security measures – on-site and at home
On-site, CCTV cameras and security guards keep a constant watch on who comes in and out of a building and whether an unauthorized person may be heading to the server room. They can quickly help stop trouble before it happens.
At TOA Global, global team members must keep their mobile phones, flash drives, and any other portable storage device stored in their locker while they’re working on-site. They must also follow a clean-desk policy, where documents that contain confidential information are not to be left out in the open, and they must shred any papers that reveal sensitive information.
If a team member has to work from home, the same computer/equipment that he or she uses in the office has been delivered to the team member to use for their client, so their TOA equipment is under the same controls and access to support staff as if it was in the office. This includes computer security applications such as anti-virus and controls, and specific work-from-home policies.
It’s good practice for team members working from home to also maintain a clean desk at their at-home workspace and to keep any confidential documents locked in a drawer or other secure place.
3. Data backup – think cloud computing for data security
A cloud computing service can back up access management and ensure you don’t lose configuration and set-up information. TOA Global, for example, uses Microsoft Azure, and employs an offshore specific cloud security tool that geo-locks cloud data to a facility and hides passwords from users.
TOA also centrally manages PC/laptop access and equips staff with Office 365 accounts, which has redundant data backups, data privacy, compliance adherence, and centralized management of access.
A Single Sign-On solution across all of your support employees will allow you to restrict or grant access to multiple applications with a click of a button on their TOA device. TOA has also partnered with Practice Protect, a cybersecurity platform for accountants that makes it quick and easy for them to secure client data, no matter where their staff work.
4. Network security monitoring
A network security monitoring system detects and responds to intrusions on computer networks.
A good system includes a physical hardware firewall, an intrusion detection system, IPS failover and load balance (the process of distributing network traffic across multiple servers), multiple layer security authentication for remote logins, and bandwidth management ensuring that system prioritizes the applications and services required for a user’s productivity, to name a few.
These measures can limit remote computers from accessing non-authorized services and identify what takes up a lot of bandwidth on the local network address and website IP.
5. Business continuity
Arson, accidents, natural disasters, a major network failure – while few people want to really think about these things, bulletproof security for a global team considers a business’ vulnerable areas, the effects of potential disasters (from a few days to a few weeks), and puts a plan in place that addresses critical functions and vulnerabilities, so the business can keep functioning.
TOA Global has business continuity management in place to protect critical business processes and provide alternate ways of working so staff can deliver an acceptable level of service during unforeseen events.
Accounting firm owners can include security cameras in their data-protection arsenal, like this one at TOA Global.
Conclusion and next steps
A 360-degree approach to data security helps provide bulletproof protection as owners of accounting firms work with a global team. Key areas to pay attention to are employee education, physical security, data backup, network security monitoring and business continuity.
TOA takes its clients’ data security seriously. So seriously, in fact, that part of our clients’ onboarding process includes a technology assessment that involves:
- An analysis of any security gaps in systems and an understanding of the right tools and practices to demonstrate due diligence to firms and prevent illegal access to their data.
- A speed test and analysis performed between local systems and the Philippines (where global team members are located) to ensure global teams have fast access from Day 1.
- A strong understanding of the best practice collaboration and communication tweaks to engage and include new team members online.
- Access to the tools that smart accountants are using globally to train team members and a build a process for the future.
If you’d like to build a global team to increase your capacity and efficiency in a secure IT environment, then request a Free Outsourcing Strategy & Plan for your firm now.
We’ll work with you to understand your situation and objectives, then map out a staged plan for hiring the talent you need in the right order so you can enable continuous growth.