Industry Views

Making data security a top priority for your firm

June 2, 2017

As technology evolves and becomes more sophisticated, so too do viruses, malware and hackers, and their means to violate protective barriers in order to infiltrate sensitive data and information.

According to PwC’s Global Economic Crime report, cyber crime affect almost one in three organisations (32%), with the financial services industry the ‘most threatened’ by economic crime. As accountancy practices handle sensitive personal and financial data for their customers, the ramifications of a hack can be devastating, resulting in identity theft, loss of intellectual property, and irrevocable damage to brand reputation. In fact, a single incident can cost a small business upwards of £75,000 in terms of lost revenue, recovery of assets and fines. With that in mind, accountancy practices must adopt a risk-averse mindset, making data security a top priority for their business and their clients. But where to start? And how to sustain change for the long term?

A cultural shift

When considering a long term security strategy, start by evaluating your people and processes. Despite the perception that the majority of threats stem from outside an organisation, risk can be found much closer to home. According to recent business research commissioned by the UK government, employees are one of the main sources of security breaches, with 48% of respondents citing human error, and 33% claiming lack of ‘staff awareness’ as major contributing factors of cyber attacks within both large and small organisations.

In order to address these challenges and implement a culture of change, it will be critical for businesses to set appropriate guidelines as well as up-skilling their employees. For instance, running training programmes on common phishing attacks and emails scams can go a long way to reducing clicks on infected links. Elsewhere, setting standards for complex password combinations, and monitoring the use of personal mobile devices to access corporate files is advisable. By taking these types of preventative measures, businesses will ensure their employees are better informed and able to work as a team to tackle external threats.

Using technology to get ahead

Increasingly, accountancy practices are using data document capture and workflow management solutions to improve accuracy, reduce costs and speed up processes associated with traditional bookkeeping and manual data entry. It just so happens that certain solutions have the convenient side-effect of also improving your practice’s security risk.

For instance, the right automated solution allows you to capture and analyse scanned and photographed purchase and sales invoices, receipts, bank and card statements, automating your data entry to your bookkeeping solution. Look for a solution which offers a flexible pricing structure and doesn’t tie you into a costly monthly subscription and for those with in built intelligence which enables you to do more, faster. For instance, certain tools can capture tax summaries by default and if requested, full line item details including description, quantity and unit price. They can remember how you categorise your expenses such as the relevant supplier account, nominal account and tax code without ever creating duplicate supplier accounts or posting duplicate invoices in your chosen bookkeeping solution. They can even match invoices to purchase orders.

While the adoption of cloud-based computing, and use of automated tools, has risen in recent years, concerns over privacy and security remain a concern for some. Many perceive that housing data on a physical desktop is safer, yet the opposite is true. Cloud solution providers which adhere to strict legislation on data policy and whose reputation depend on it most, leverage their technical expertise to implement multiple layers of advanced security protection which smaller organisations simply can’t emulate on premise.

For those that decide to simplify processes and boost productivity with third party technologies, there are some security standards to check for before you press ‘download’. The cloud isn’t more vulnerable than any other physical or internet-connected systems; however, the required security policies are sometimes overlooked which can make it highly vulnerable to hackers. The right solution will protect users with essential in built protocols including:   

The cloud isn’t more susceptible to attack than other internet-connected or physical systems; however, certain required security policies are sometimes forgotten which can make it highly vulnerable to hackers

  • SSL encryption: An encrypted communication link which allows private information to be transmitted securely between two parties.
  • Brute force detection: Alarm raised should there be multiple failed authentication attempts are being made from a given source or to a given resource.
  • Network intrusion detection: Strategically placed sensors which monitor traffic  between network devices - alerting IT professionals if a malicious presence is identified
  • Host intrusion detection: A method of monitoring intrusion on an operating system
  • Real-time backups: The backup and memory of critical data sets in real-time, allowing users to restore information on demand  

Using automated technology will enable firms to cast off outdated and unprofitable practices, such as those associated with traditional bookkeeping and manual data entry. There is clear business sense in reducing labour spent manually logging data from paper documents and redirecting this resource into more lucrative revenue streams, such as advisory services. As we move ahead in this digital age it will increasingly be the approach forward thinking accountancy practices adopt.

It will be critical however for these same firms to keep their business secure from threat, deploying solutions which offer robust data protection, user authorisation and authentication. As well as driving considerable operational efficiencies for accountants, the right automated solution will efficiently disable security threats and enable businesses to operate with confidence.