Blog
By Roman Kepczyk, CPA.CITP, CGMA, PAFM on June 1, 2022 minute read

How to keep firm data secure when working remotely or traveling

Share

How do I keep firm data secure while traveling or working remotely? 

Learning how to keep your firm data secure is something that bears consideration even as COVID-19 restrictions lift. Why? 

  1. We don’t know if COVID-19 will rear its ugly head again, prompting new lockdowns or other restrictive measures. 
  2. The rise in cybercrime during the pandemic indicates a need to secure firm data when working from home or abroad. 
  3. Remote work security threats are ever-present, which indicates a need to be vigilant.  

It doesn’t matter if things return to normal, the cat has been let out of the bag regarding cyberthreats, and any unsecured information is at risk. 

Cyberattacks hit an all-time high 

According to Forbes, ransomware and phishing schemes have soared in 2022, with hackers coming after small and medium-sized businesses. The decline of COVID-19 restrictions was met with high gas prices, a war in Ukraine and supply chain issues. So, even though remote work plummets from 35% in May 2020 to 10% in April 2022, there is enough unrest in the world to provoke cybercriminals into action. 

Secure remote working is a must 

Remote works must be educated on securing their worksations
Working from home has benefits and risks when it comes to securing data.

Now, while stats indicate remote work is reducing as people return to the office, the fact remains that 10% of the workforce remains at home. Other offices provide a hybrid of remote and onsite work options as well. 

Among these options is travel—some employees will take work-related laptops with them as they traipse into the field on business. 

It remains to be seen if those numbers will fluctuate in regard to remote versus on-site. However, the pandemic exposed many small to mid-sized businesses to the dangers of a company keeping client data unsecured. For this reason, establishing a secure remote data protocol is essential for protecting your firm, your team and your clients.

Accordingly, it is important to review and update remote work policies to ensure they incorporate any new technology, applications and process lessons learned during a crisis. Remind your team about how to keep their hybrid firm secure—whether they are on the road, working from home or in the office. 

What are 5 internet safety best practices to keep firm data secure? 

Today, virtually all applications and data reside in the cloud or on firm remote-access servers. Because of this, setting up an internet connection is usually one of the first requirements when working in the field or from home. While your client or hotel may provide a direct ethernet or Wi-Fi connection, there is no easy way to determine if that connection is safe or compromised. 

At a minimum, firms should mandate using a VPN (virtual private network) before utilizing any external internet source. This is particularly true for public Wi-Fi sources such as those found in hotels/motels, airports, coffee shops, etc. 

 

rethink using Wi-Fi in public spaces
Public Wi-Fi may be tempting to use, but the connection may not protect your firm’s sensitive data.

Avoid public Wi-Fi when you can

A better solution is to promote using the mobile (4G/5G) hotspot within smartphones and standalone hotspot devices. While they may not be as fast, they are definitely more secure. 

Additionally, consistently using a mobile hotspot when on the road saves time at the start of each client or Zoom meeting. A superlative win, as the accountant does not have to configure the Wi-Fi connection at each new location. 

Here are some other things you can do to secure your firm’s data:

  1. Be cautious of any links you receive, even if they seem to come from a firm representative or client. When in doubt, try to find an alternative method for confirming any links, such as a phone call or text to the sender.
  2. Use unique, hard-to-guess passwords for each site, and, when possible, store them in a password manager. Never give that information to anyone— not even colleagues.
  3. Install robust virus protection software. Avoid using free anti-virus products or downloading popular software from third-party sites.
  4. Only install applications approved by the firm’s IT department.
  5. Consistently update your software, as these updates often provide new and more effective ways to protect your precious personal information and data. For convenience, set applications to update automatically.

These tips will go a long way towards reducing cybersecurity risks and securing your information, which in turn, reduces your firm’s legal liability.

How can accounting firms protect against remote work security threats? 

While the above tips can work no matter where you are, remote workers have to consider safeguarding their home Wi-Fi just as vigilantly. The 2019 NetDiligence Cyber Claims Study indicated that 96% of cybercrime-related losses were made by small to medium-sized businesses.

COVID-19 didn’t make the issue any better as the attack surface was expanded with so many people working from unsecured locations.

Consumer-grade internet security is not going to cut it. So, what are some things a remote worker can do to reduce cyber risks when working from home?

Don’t save data locally 

Cybersecurity laws require that any confidential, personally identifiable information (PII) data stored on a local hard drive is protected with disk encryption and reasonable care. Utilizing data locally also requires the accountant to be responsible for backing up the data to the network.

This may lead to version control problems and overwriting others’ work. 

Disallowing any local data is the better solution. Update policies to ensure data creation and storage happens in the cloud to protect it more effectively. 

Transfer files digitally 

When going back to physical meetings with clients, either at your firm or a client’s office, it is crucial to not fall back on old habits. One big no-no is accepting data on a flash drive (which can lead to a firm’s exposure to malware). Clients should be taught to transfer data via portals or secure email.

Post-COVID policies should exclusively promote client use of portals and secure email instead of any physical media.

Firms that only accept electronic documents won’t need to worry about returning clients’ physical source documents. Not only does this save time, but it also ensures the clients’ records stay safe and secure. 

How can accounting firms and teams work remotely?

help your team learn how to secure firm data
Teams can work remotely and secure firm data with proper training.

Most of us have become very comfortable leaving our computers on at home when we go grab a cup of coffee or take a break to walk the dogs.  

Stop!

Leaving firm and client data on the screen while working from home has not yet been identified as much of a risk, and some employees have even extended the time it takes for their automatic screen lock to invoke. However, leaving a computer display visible in a public space exposes data to prying eyes, particularly if the user walks away from the workstation to get a refill or ask a question. 

Keep client information confidential 

Using a privacy filter protects against shoulder surfers. Best practices point to reminding personnel to stay aware of their surroundings and lock down their workstations when they step away. While we don’t recommend leaving a laptop unattended, using a cable lock, disk encryption and an automatic screensaver provides basic protection. 

You may also want to investigate:

  • Enroll in security awareness training: Most cyberattacks occur due to human error and ignorance of how to prevent them. Training will help remote workers know what to look for.
  • Report suspicious activity: Train your staff to not only recognize phishing and ransomware attacks but to report them. The sooner you learn of such an activity, the better position you may be in to stop it.
  • Block entry points: The best way to secure firm data in any scenario is for remote workers to configure their home’s wireless router with the latest firmware upgrades and unique passwords. Whitelist devices on your network with a MAC filter as well.
  • Set up two-factor or multifactor identification: Sure it is a hassle, but so is a potential lawsuit or hefty fine related to a data breach. Play it safe and protect sensitive client data with this essential security measure.

The newest normal 

As the coronavirus threat subsides, all of us will return to a “new normal” work environment. Undoubtedly, the way we will work will be a hybrid version that incorporates the best of working from home, returning to an office environment and physically meeting with clients. Be sure to do so safely by considering the physical and virtual requirements of this modern workspace. 

Always secure firm data while traveling or working remotely 

Keeping your company’s personal information and client data secure while on the road or working remotely is a no-brainer. If you want to secure your home office or stay safe when traveling, you must strive to keep your firm data secure at all costs. 

Now, you can try to keep up with 101 methods for doing so, or you can cut down on some of the work by using a cloud-based service like Right Networks Cloud Premier. 

Our outsourced IT solution, Right Networks Cloud Premier, includes a portal for efficiently transferring client files and data. We also offer managed secure workstation or Security Awareness Training programs that will assist in protecting your firm’s data assets and integrity. Learn more about how firms are using Right Networks Cloud Premier to reduce IT hassles and stay secure. 

Recommended next

3 essential remote work technologies


Share

Have questions? We are here to help.

Give us a call at 888-210-0237.

Want to hear from us?

Join our mailing list and get all of the latest news delivered straight to your inbox.