three keys to client file security

illustration of computer security threatswe were happy we had these when the irs and fbi came knocking.

by jody grunden
building the virtual cfo firm in the cloud

have you ever been contacted by the irs with the fbi involved? i can tell you from firsthand experience that it’s a bit alarming when that happens!

more: cybersecurity poses challenges for virtual firms | check the roi of new tools | a tech stipend for employees? why not? | why remote workers need retreats | better understanding = better communication
goprocpa.comexclusively for pro members. log in here or 2022世界杯足球排名 today.

we were once contacted by the irs because they thought our server had been compromised. when the field officer who came to our office asked to see our server, we explained that we didn’t have a server.

she was a little surprised by that information and then asked where we kept our files. we explained that we use cloud storage and programs designed specifically for encryption and security.

we take security very seriously because, when it comes to handling finances and taxes, we’re dealing with very sensitive information. we don’t have a server. all of our files are cloud-based. we also use encryption to protect data from being accessed in case someone’s computer is lost, stolen or otherwise compromised.

fortunately for us and unfortunately for them, it ended up being another cpa firm in our area that had been hacked, but the experience confirmed for us that we were taking the right measures around the security of our clients’ files.

being cloud-based and taking proper measures around security helps prevent threats like this from happening. here are three areas to consider when it comes to keeping client files secure:

  1. cloud storage: cloud storage programs allow you to store, share, back up and collaborate on your files and projects. it’s really important when we work remotely that files are stored in the cloud and don’t reside on any one person’s computer where others can’t easily access the information they need at any given time.
  2. encryption: encryption programs create an encrypted folder that can be placed inside your cloud storage folder. encryption is necessary to protect files, especially when it comes to sensitive information. a stolen laptop or a hacker over public wi-fi could result in serious data breach issues. (in addition to encryption, we advise employees never to use public wi-fi. connecting to public wi-fi at a coffee shop, airport or hotel puts all of the files on your computer at risk.)
  3. password security: password management services store encrypted passwords in private accounts. we require employees to set up random, unique passwords and not to use weak passwords such as names or the word “password” – admit it, you’ve done that before!

password management services allow you to randomly generate long-character, complex passwords and store all of those passwords securely using browser extensions and auto-fill functions that make access easier than having to look up the information and type it in each time. also, it is imperative to use two-factor authentication on your password management system as it is the gateway to all of your passwords.

our it team also randomly sends out phishing emails to our own team members to see if they take the bait. it may seem like a strange practice, but it becomes a great training opportunity. it helps team members learn to recognize those types of emails, and they are trained to notify our it team when they do.