Over the past year we saw a record-breaking high of 1,579 data breaches, as such accounting firm leadership around the world have security vulnerabilities first on their agenda.
But when practices across the globe collect and store both firm and client data, how can you be sure your organization won’t be next? In short, protecting against a data breach requires a significant amount of planning and resources. If you don’t know where to begin, we suggest that you first understand the top three security vulnerabilities that every accounting firm innately has:
1. Sensitive data is a target for hackers and malware
In 2017, we saw an almost 300% growth in global ransomware, which is malicious software that takes control of your computer until you “ransom” your data from the hacker that attacks the technology infrastructure of businesses of any size. Between attacks on Equifax (145 million people), Uber (57 million people), WannaCry (300,000 systems around the world) and Yahoo (3 billion accounts), it’s clear the threat of hackers and malware on sensitive data is only growing.
To avoid being the next victim, it’s critical that organizations stay on top of all operating system patches, including patches on software or apps that store data, like Google Chrome. We also encourage organizations to utilize endpoint antivirus applications that have the ability to communicate with edge network devices (firewalls/network). This will limit the inconsistency in the security of different devices and make it more difficult for hackers to find a vulnerability.
About Alessandra Lezama
Alessandra Lezama is the CEO of AbacusNext, a software and private cloud services provider for the legal and accounting professions.
Replies
Please login or register to join the discussion.
#1 Security Vulnerability: Using AbacusNext or Cloud9 for hosting your data. If you're reading this, do yourself a favor and stay far, far away from AbacusNext or Cloud9.
There was a massive ransomware hack that somehow spread across their systems which means they were not using secure procedures. And now this company is all over the internet pretending to be the top dog in cloud security when in reality many, many users were affected. The company response was horrible and now they are scrubbing bad reviews of thier company from the internet (I'm still not sure how they are managing to do that).
Here's article which is nicer than they should be about the hack:
https://www.accountingweb.com/community/blogs/jlinick/dealing-with-the-c...
To add insult to injury, AbacusNext has sued clients, charged credit cards even when cancellations were made within terms, and for those who wanted to leave for another provider Abacus would not release customers from their contracts.
I have been trialing using PGP encryption, what is great about it is that it scrambles text so it is unreadable to the passing user. Of course a Government dept can no doubt get the keys to decrypt but it is very secure otherwise.
Please login or register to join the discussion.