Fighting threat and prioritising data security in your business
As technology evolves and becomes more sophisticated, so too do viruses, malware and hackers, and their means to violate protective barriers in order to infiltrate sensitive data and information.
According to PwC’s 2016 Global Economic Crime report, cyber crime affect almost one in three organisations (32%), with the financial services industry the ‘most threatened’ by economic crime. As accountancy and bookkeeping practices handle sensitive personal and financial data for their customers, the ramifications of a hack can be devastating, resulting in identity theft, loss of intellectual property, and irrevocable damage to brand reputation. In fact, a single incident can cost a small business upwards of £75,000 in terms of lost revenue, recovery of assets and fines. With that in mind, accountancy and bookkeeping practices must adopt a risk-averse mindset, making data security a top priority for their business and their clients. But where to start? And how to sustain change for the long term.
A cultural shift
When considering a long term security strategy, start by evaluating your people and processes. Despite the perception that the majority of threats stem from outside an organisation, risk can be found much closer to home. According to recent business research commissioned by the UK government, employees are one of the main sources of security breaches, with 48% of respondents citing human error, and 33% claiming lack of ‘staff awareness’ as major contributing factors of cyber attacks within both large and small organisations.
In order to address these challenges and implement a culture of change, it will be critical for businesses to set appropriate guidelines as well as up-skilling their employees. For instance, running training programmes on common phishing attacks and emails scams can go a long way to reducing clicks on infected links. Elsewhere, setting standards for complex password combinations, and monitoring the use of personal mobile devices to access corporate files is advisable. By taking these types of preventative measures, businesses will ensure their employees are better informed and able to work as a team to tackle external threats.
Using technology to get ahead
Increasingly, accountancy and bookkeeping practices are using data document capture and workflow management solutions to improve accuracy, reduce costs and speed up processes associated with traditional bookkeeping and manual data entry. It just so happens that certain solutions have the convenient side-effect of also improving your practice’s security risk.
For instance, the right automated solution allows you to capture and analyse scanned and photographed purchase and sales invoices, receipts, bank and card statements, automating your data entry to your bookkeeping solution. Look for a solution which offers a flexible pricing structure and doesn’t tie you into a costly monthly subscription and for those with in built intelligence which enables you to do more, faster. For instance, certain tools can capture tax summaries by default and if requested, full line item details including description, quantity and unit price. They can remember how you categorise your expenses such as the relevant supplier account, nominal account and tax code without ever creating duplicate supplier accounts or posting duplicate invoices in your chosen bookkeeping solution. They can even match invoices to purchase orders.
While the adoption of cloud-based computing, and use of automated tools, has risen in recent years, concerns over privacy and security remain a concern for some. Many perceive that housing data on a physical desktop is safer, yet the opposite is true. Cloud solution providers which adhere to strict legislation on data policy and whose reputation depend on it most, leverage their technical expertise to implement multiple layers of advanced security protection which smaller organisations simply can’t emulate on premise.
For those that decide to simplify processes and boost productivity with third party technologies, there are some security standards to check for before you press ‘download’. The cloud isn’t more susceptible to attack than other internet-connected or physical systems; however, certain important security policies are sometimes forgotten which can make it highly vulnerable to hackers. The right solution will protect users with essential in built protocols including:
SSL encryption: An encrypted communication link which allows private information to be transmitted securely between two parties.
Brute force detection: Alarm raised should there be multiple failed authentication attempts are being made from a given source or to a given resource.
Network intrusion detection: Strategically placed sensors which monitor traffic between network devices - alerting IT professionals if a malicious presence is identified
Host intrusion detection: A method of monitoring intrusion on an operating system
Real-time backups: The backup and memory of critical data sets in real-time, allowing users to restore information on demand
Using automated technology will enable firms to cast off outdated and unprofitable practices, such as those associated with traditional bookkeeping and manual data entry. There is clear business sense in reducing labour spent manually logging data from paper documents and redirecting this resource into more lucrative revenue streams, such as advisory services. As we move ahead in this digital age it will increasingly be the approach forward thinking accountancy and bookkeeping practices adopt.
It will be critical however for these same firms to keep their business secure from threat, deploying solutions which offer robust data protection, user authorisation and authentication. As well as driving considerable operational efficiencies for accountants and bookkeepers, the right automated solution will efficiently disable security threats and enable businesses to operate with confidence.