As an accounting professional, you will have access to your clients’ sensitive information, so it’s vital that you make all necessary arrangements to safeguard that information. By putting these five simple IT measures in place, you will be protecting your clients, tightening your data security practices and reducing the risk of a data breach.
Carry out a check of all the machines in your firm and you may be surprised to find that most users are working in an admin account. If users have admin rights, they have full access privileges to the operating system on that machine and can change the system settings, install software, delete applications and much more. Removing the admin rights will mitigate 94% of the critical vulnerabilities and protect the data that is stored on the machine’s systems. It’s an important step to remove admin rights and create separate user accounts, giving elevated permissions only to the users that need them to do their job.
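One way to carry out that check across the office, as an added example that is not part of the original article. It assumes PowerShell remoting is enabled on the machines; the file `computers.txt` and the names in the expected list are hypothetical and should be replaced with your own.

```powershell
# Added example: report who holds local administrator rights on each machine.
# Assumptions: WinRM/PowerShell remoting is enabled, the script is run by an
# account allowed to query the machines, and computers.txt (hypothetical)
# holds one computer name per line.

$computers = Get-Content -Path '.\computers.txt'

# Accounts that are meant to be administrators (hypothetical names).
$expected = @('Administrator', 'Domain Admins', 'IT-Support')

$report = Invoke-Command -ComputerName $computers `
    -ErrorAction SilentlyContinue -ErrorVariable failed -ScriptBlock {
    # S-1-5-32-544 is the well-known SID of the built-in Administrators
    # group, so the lookup works whatever the Windows display language is.
    Get-LocalGroupMember -SID 'S-1-5-32-544' | ForEach-Object {
        [pscustomobject]@{
            Computer = $env:COMPUTERNAME
            Member   = $_.Name
            Type     = $_.ObjectClass      # User or Group
            Source   = $_.PrincipalSource  # Local, ActiveDirectory, ...
        }
    }
}

# Flag every member whose name (the part after DOMAIN\) is not expected.
$unexpected = $report | Where-Object {
    ($_.Member -split '\\')[-1] -notin $expected
}

$unexpected | Sort-Object Computer, Member |
    Format-Table Computer, Member, Type, Source -AutoSize

# Machines that returned an error still need to be checked by hand.
$failed | ForEach-Object { Write-Warning "No result: $($_.TargetObject)" }

# Keep the full list as a record for the next review.
$report | Select-Object Computer, Member, Type, Source |
    Export-Csv -Path '.\local-admins.csv' -NoTypeInformation
```

Each row in the flagged table is an account to move to a standard user account unless the person needs elevated permissions to do their job.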
Whilst USB sticks are convenient and easy to use and carry around, it is important to remember that they are also a security risk precisely for those reasons. If you put data onto a stick and then lose it, there’s nothing to protect that data. If you must use one (there are numerous other ways to save and store data with greater levels of security), be sure to choose an encrypted one from a trusted provider. Avoid at all costs those freebies and promotional giveaways, which give no protection and may leave your computers vulnerable to viruses or malware. Consider locking down all USB ports on your office computers too, which will ensure data security is not compromised.
Permissions to access data
Essentially, people should only access data that is required for them to do their job. Anyone else in the organisation should not have access. This can be achieved through permissions on the Windows folder structure, which requires management and a form of regular review. An alternative solution, which provides a number of other benefits, is to implement a document management solution so that there is no risk of data falling into the wrong hands. A good, well set up document management solution will enable you to apply a number of measures, which can include permission controls, version controls, collaboration and productivity gains by saving emails directly to the correct folders in the document solution.
We live in a world where passwords are required to access systems and data. We’re constantly bombarded with advice telling us to use strong passwords, change our passwords regularly and not to use the same password for different logins. Sometimes the level of noise surrounding this means people become complacent about it. However, the advice is given for a very good reason. For example, you would expect security protocols and systems to be less secure for the local pizza delivery service than for sites such as Amazon or PayPal. So, if you use the same password for a takeaway delivery account as you do for your email account and the pizza system is breached, the hackers will use those credentials on as many popular sites as they can program. Things like Amazon, PayPal, Yahoo, Hotmail, Outlook, Facebook, LinkedIn, Twitter and Instagram will all be tested if you have used the same password and email address – you are exposing yourself to hackers who will work away and ultimately uncover sensitive data. If you are unlucky enough to be hacked, it’s vital that you change your password in different locations to protect yourself fully. To help you manage your passwords, it’s worth looking at the current government guidelines for good security practices on the National Cyber Security Centre website. Following this simple advice will greatly improve the security you have around the access to all of your personal accounts.
MFA is a proven way to add an additional layer of security to the login process, whereby users will only gain access to an account by giving two or more pieces of proof of identity – one that they know (e.g. a password) and one that they have (e.g. a PIN or code which is sent by text or email or an authenticator app). This reduces the risk of a hacker attacking an account with guesses at the password. That’s because much of hacking is bot-driven automated weakness detection, which will only get into a system that has a vulnerability. MFA makes the system much more secure. If we look back at our pizza delivery example from the previous paragraph, adding MFA would make it very difficult for the hackers to breach the other accounts. Ensuring complex and different passwords with MFA on your accounts where possible will greatly improve the security of your accounts.