Learning how to keep your firm data secure is something that bears consideration even as COVID-19 restrictions lift. Why?
It doesn’t matter if things return to normal, the cat has been let out of the bag regarding cyberthreats, and any unsecured information is at risk.
According to Forbes, ransomware and phishing schemes have soared in 2022, with hackers coming after small and medium-sized businesses. The decline of COVID-19 restrictions was met with high gas prices, a war in Ukraine and supply chain issues. So, even though remote work plummets from 35% in May 2020 to 10% in April 2022, there is enough unrest in the world to provoke cybercriminals into action.
Now, while stats indicate remote work is reducing as people return to the office, the fact remains that 10% of the workforce remains at home. Other offices provide a hybrid of remote and onsite work options as well.
Among these options is travel—some employees will take work-related laptops with them as they traipse into the field on business.
It remains to be seen if those numbers will fluctuate in regard to remote versus on-site. However, the pandemic exposed many small to mid-sized businesses to the dangers of a company keeping client data unsecured. For this reason, establishing a secure remote data protocol is essential for protecting your firm, your team and your clients.
Accordingly, it is important to review and update remote work policies to ensure they incorporate any new technology, applications and process lessons learned during a crisis. Remind your team about how to keep their hybrid firm secure—whether they are on the road, working from home or in the office.
Today, virtually all applications and data reside in the cloud or on firm remote-access servers. Because of this, setting up an internet connection is usually one of the first requirements when working in the field or from home. While your client or hotel may provide a direct ethernet or Wi-Fi connection, there is no easy way to determine if that connection is safe or compromised.
At a minimum, firms should mandate using a VPN (virtual private network) before utilizing any external internet source. This is particularly true for public Wi-Fi sources such as those found in hotels/motels, airports, coffee shops, etc.
A better solution is to promote using the mobile (4G/5G) hotspot within smartphones and standalone hotspot devices. While they may not be as fast, they are definitely more secure.
Additionally, consistently using a mobile hotspot when on the road saves time at the start of each client or Zoom meeting. A superlative win, as the accountant does not have to configure the Wi-Fi connection at each new location.
Here are some other things you can do to secure your firm’s data:
These tips will go a long way towards reducing cybersecurity risks and securing your information, which in turn, reduces your firm’s legal liability.
While the above tips can work no matter where you are, remote workers have to consider safeguarding their home Wi-Fi just as vigilantly. The 2019 NetDiligence Cyber Claims Study indicated that 96% of cybercrime-related losses were made by small to medium-sized businesses.
COVID-19 didn’t make the issue any better as the attack surface was expanded with so many people working from unsecured locations.
Consumer-grade internet security is not going to cut it. So, what are some things a remote worker can do to reduce cyber risks when working from home?
Cybersecurity laws require that any confidential, personally identifiable information (PII) data stored on a local hard drive is protected with disk encryption and reasonable care. Utilizing data locally also requires the accountant to be responsible for backing up the data to the network.
This may lead to version control problems and overwriting others’ work.
Disallowing any local data is the better solution. Update policies to ensure data creation and storage happens in the cloud to protect it more effectively.
When going back to physical meetings with clients, either at your firm or a client’s office, it is crucial to not fall back on old habits. One big no-no is accepting data on a flash drive (which can lead to a firm’s exposure to malware). Clients should be taught to transfer data via portals or secure email.
Post-COVID policies should exclusively promote client use of portals and secure email instead of any physical media.
Firms that only accept electronic documents won’t need to worry about returning clients’ physical source documents. Not only does this save time, but it also ensures the clients’ records stay safe and secure.
Most of us have become very comfortable leaving our computers on at home when we go grab a cup of coffee or take a break to walk the dogs.
Leaving firm and client data on the screen while working from home has not yet been identified as much of a risk, and some employees have even extended the time it takes for their automatic screen lock to invoke. However, leaving a computer display visible in a public space exposes data to prying eyes, particularly if the user walks away from the workstation to get a refill or ask a question.
Using a privacy filter protects against shoulder surfers. Best practices point to reminding personnel to stay aware of their surroundings and lock down their workstations when they step away. While we don’t recommend leaving a laptop unattended, using a cable lock, disk encryption and an automatic screensaver provides basic protection.
You may also want to investigate:
As the coronavirus threat subsides, all of us will return to a “new normal” work environment. Undoubtedly, the way we will work will be a hybrid version that incorporates the best of working from home, returning to an office environment and physically meeting with clients. Be sure to do so safely by considering the physical and virtual requirements of this modern workspace.
Keeping your company’s personal information and client data secure while on the road or working remotely is a no-brainer. If you want to secure your home office or stay safe when traveling, you must strive to keep your firm data secure at all costs.
Now, you can try to keep up with 101 methods for doing so, or you can cut down on some of the work by using a cloud-based service like Right Networks Cloud Premier.
Our outsourced IT solution, Right Networks Cloud Premier, includes a portal for efficiently transferring client files and data. We also offer managed secure workstation or Security Awareness Training programs that will assist in protecting your firm’s data assets and integrity. Learn more about how firms are using Right Networks Cloud Premier to reduce IT hassles and stay secure.
Recommended for you
Subscribe to Our Blog
Join our mailing list and get all of the latest news delivered straight to your inbox.