What Working in the Cloud Means for Accountantsby
Cloud computing, working remotely, and leveraging technology are trends that dominate the headlines for businesses and accounting professionals. Business and financial information are both increasingly global in nature, and it is important that accounting professionals remain relevant in a market that is increasingly fast-paced and dynamic.
That said, it is relatively easy to lose track of what exactly the terms “cloud computing,” “working remotely,” and “data integrity” mean for accountants – both as individual practitioners and as members of the profession. Adopting new technological tactics and strategies for business simply for the sake of keeping current with the marketplace is a recipe for poor implementation, possible data breaches, and potential loss of time, clients, and money.
Before considering or diving too deeply into the specifics of how to better manage working remotely and cloud computing, it is important to remember what exactly cloud computing means in a tangible sense. At the end of the day, cloud computing means that instead of installing a server in an office or hall closet (depending on the size of your firm), you sign up for a service that allows you to rent server time from a third-party provider. In essence, you outsource that data storage, security, and processing from your organization to another organization.
An offshoot of this is the ability to work remotely due to the fact that information is now available from everywhere via a VPN or other type of secure connection. The primary issues that arise, particularly as millennials become a larger percentage of the workforce, relate to data security, data access, and the ability of employees to interact successfully with both each other, clients, and other business partners.
Drilling specifically into the issues of working remotely and cybersecurity, there are a few areas in which practitioners and organizations can improve their data security and access to information. In order to meet the needs of doing business, as well as clients, accounting professionals and information must be available and flexible, but that is no excuse for not taking precautions and implementing several ideas and tactics to better secure data and client information.
Working remotely and being able to access organizational and client data on the go are assets to any organization or individual who is seeking to keep pace with the rapidly changing business environment. That said, there are risks that are inherent with working remotely, the most important of which is that by accessing information and data on multiple devices and in multiple places, that information is exposed.
In addition to the risks of being hacked, which are addressed in the next section, there are far more traditional risks associated with working remotely. Especially as working remotely expands in frequency and becomes more commonplace, security measures for both hardware and software must be implemented and expanded upon.
Perhaps the simplest, and most effective, measures that individuals can take while working remotely are to:
- Secure your devices physically between destinations.
- Make sure the devices are locked and password-protected whenever you step away, even for a minute.
While these might seem like straightforward tips and advice, looking around any conference hall, meeting room, train station, or airport, you are sure to see unattended devices, and devices open and unlocked. Such straightforward tips are sure to become even more important as working remotely becomes more the norm and less the exception.
Cybersecurity might seem like the domain of technology experts and specialists, but it is a matter that should be of concern for anyone working in, or managing others, in the accounting field. The core function of accounting and finance, in essence, is the information and data that is provided from accounting professionals to the other aspects of the enterprise, or from the accounting professionals to the client. In whatever specific case you find yourself in, the premise that cybersecurity is important is universal.
Solutions, software, and advice abound regarding how to protect yourself, your data, and your clients, but there are several relatively straightforward things that can be done to keep your information safe, without requiring a PhD in computer science.
1.Change your passwords frequently. This should go without saying, but most people never update their passwords, unless they are forced to. This is Cybersecurity 101, and it should be done frequently, perhaps quarterly, to align with other business processes you are doing anyway. While you are at it, you should be creative with your passwords (i.e., using “password1” as your default password might not be the ideal choice).
2. Keep your anti-virus software up-to-date. Again, this is a relatively straightforward tactic that should be used by both individuals and organizations, but anti-virus often is either allowed to lapse or an older version is used. While you might save a few dollars in the short term, exposing yourself and your organizational data to cyberhacking is not a viable long-term business strategy.
3.Be proactive. LifeLock might be the most aggressive identity theft and cybersecurity firm in terms of advertising and grabbing your attention, but there are a multitude of options available to protect and monitor your online identity. Much like individuals check their credit scores routinely, organizations and individuals should receive assessments and vulnerability testing on a regular basis. It is certainly better to be safe than sorry.
4.Air gap your critical data. If you are managing client data, or have information you do not want compromised (i.e., important financial or medical information), one of the best things you can do is to air gap the machine or server where this information is stored. By not connecting this machine to the Internet, and by strictly monitoring what, if any, external devices are ever hooked up to this machine, you will have much better control and confidence in the integrity of your data.
Working remotely and the increasing digitization of information have dramatically changed the way in which organizations do business. While such connectivity has resulted in greater flexibility and mobility for both employers and employees, it is imperative that individuals and organizations recognize some of the risks associated with these changes.
That said, there is no reason, with a few common-sense and straightforward policies and tweaks to existing processes, that people and companies cannot leverage connectivity while securing their information.
Sean Stein Smith is a professor at the City University of New York – Lehman College. He also is the chairperson of the NJCPA's Emerging Technologies Interest Group (#NJCPATech). He serves on the Advisory Board of the Wall Street Blockchain Alliance, where he co-chairs the Accounting Work Group. Sean is on the Advisory Board of Gilded, a...