When the pandemic hit in March 2020, accountants were forced to forego long-established practices and adopt – often improvising – entirely digital ones in a matter of days. Tom Kelly, SME channel director at Modulr, writes
Many accountants have welcomed the mark-up in digitisation with open arms. Through digitising entirely, accountants have been presented with myriad benefits that would have been previously out of reach.
However, Covid-19 also created a period of economic and social uncertainty. It has knocked people out of their usual routines and developed a perfect climate where opportunistic cybercriminals can thrive. It forces accountants and their clients to take the necessary security measures to protect their sensitive data. But how can they become truly digitally resilient?
At Modulr, we are the payments technology behind leading accounting software. Together, we enable accountants to seamlessly integrate and reconcile payroll and payment entries, make supplier and employee payments in real time and manage all client payment workflows in one secure dashboard. This means that we know how important data protection and user authentication is to your practice.
We have pulled together this guide on digital resilience, drawn from our own in-house expertise on cybersecurity.
Take time for technical steps
Embedding antivirus and anti-malware software into operations, implementing firewalls and keeping up to date with the latest versions of software and security patches are great starting points for accountancy firms.
Some may also benefit from working alongside specialist information security providers. For example, smaller practices may want to consult the Global Cyber Alliance list of effective security tools, including many that are inexpensive or free to use.
Alongside this, choosing well-managed and reputable cloud service providers is an extremely wise step. Providers will do everything possible to ensure their operations are secure, reliable and compliant with all relevant government and body legislation and regulation. This frees up time to focus on delivering value-add services for clients.
Iron out the margin for human error
Any company can suffer a security breach caused by an unknowing employee clicking on a link in a hostile email, or accidentally letting confidential data slip. So training staff to spot and avoid online cyberattacks is key.
Having the framework in place to prevent these things from happening is also cost-effective, and all training materials should be designed to give staff a clear idea of what constitutes good security practice. By preparing employees to spot threats, accountancy firms can nip them in the bud.
Accountants must also ensure employee access to business systems or data is controlled with care. Access should only be permitted via a secure private network connection, or VPN. Employing the use of biometrics, or cloud-based mobile device management systems and two-factor authentication to confirm the authenticity of the security of employees’ devices is also key. Adhering to these protocols will deter fraudsters and allow for watertight security on confidential information.
Enforcing a policy that ensures that data can only be accessed directly from cloud-based business systems and never stored on employees’ devices is also vital for data privacy. It may seem obvious, but stronger passwords mean stronger security. Password management software prevents staff from using weak passwords, or using the same password for other applications. This adds another chink in accountants’ digitally resilient armour.
Choose the right provider
The digital accountant must never forget that their main duty of care is to clients. Not only can cyberattacks be detrimental to business operations, finances and reputations, but clients also feel the full force.
Breaches of data protection legislation or regulations may result in fines from the Information Commissioner’s Office. In the event of a data breach, a business must be able to prove that all reasonable steps to achieve and ensure compliance have been taken.
Cloud technology can help accountants recover quickly from business interruptions and some security breaches, the ability to bounce back quickly must be prioritised. Regularly reviewed, tested and revised incident management and business continuity plans are essential.
Likewise, choose software providers with a proven history of delivering robust and reliable cloud accounting systems. We have seen first hand from our position serving the accounting software industry with payments technology, how the industry needs to come together to deliberate on the future of digital accountancy.
Last year, we created the Pathfinders Community, a first-of-its-kind network and forum developed to enable like-minded and forward-thinking accountants to stay up to date with the latest in payments and accounting technology.
The digitally resilient accountant
It is clear that for any business, operating digitally can certainly increase the chances for breaches in security, data and cyberattacks.
For accountants who daily deal with swathes of sensitive financial information, it is vital that they plan ahead and take a risk-based proactive approach. But this cannot come at the expense of the core of their role and responsibilities. Following these three steps will enable accountants to become truly digitally resilient.