Protecting data is important for every business, but in tax and accounting firms, trust forms the very foundation of your client relationships. Protecting client data is key to the profession, so many firms hesitate to move to the cloud, fearing that data is less secure when it is not located inside the walls of the firm.
In a recent webinar for Accounting Today, Wolters Kluwer Senior Enterprise Architect Robert Baumann and Product Line Manager Mark Ryburn discussed security in the cloud as it applies to CPA firms and tax professionals. The issues discussed made it clear that data security is not a simple subject, and firms need to go beyond basic security steps to truly protect themselves.
According to Baumann, the average cost of security breach is $7M – a figure that includes the cost of forensic investigations, notifying clients, providing credit monitoring, paying penalties and fines and of course the cost of lost clients. With so much at stake, firms need to consider how they can protect their data while still excelling at their core business of serving clients. The webinar, titled Data Security in the Cloud vs. On-Premise – Analyzing the Facts, outlines some of the most important points a firm needs to consider when creating and evaluation security policies.
One of the more recent threats to face firms is the threat of cybercriminal trading platforms that sell system information for hacked servers. These criminals sell hacking tools as well as access to hacked servers, providing low-budget, low-risk opportunities for criminals to access vulnerable systems. They have a strong interest in accounting, tax and point-of-sale software, and they target on-premise systems because these systems are often not actively monitored for breaches.
Key Components of Digital Security
If your security measures end at anti-virus and firewall software, there are a lot more security components you need to think about. Digital security includes IT management structures, IT policies, active risk monitoring, ongoing effectiveness evaluations, physical system access, and system management. Each one of these components has important implications for the security of firm data. Even the largest CPA firms don’t typically have the internal resources to fully tackle all of these components. In order to adequately safeguard firm data, most firms will need to turn to third-party, external information technology partners.
Myths about the Cloud
While many people think that physical control of data implies security, the fact is that properly-implemented cloud technology is more secure. Cloud providers have greater expertise and more technical staff than accounting firms, and they provide security at a level most firms could not afford to provide for themselves. In fact, the physical location of your data is less important than the steps you are taking to protect it.
To learn what steps you should take to protect your firm’s data security, watch the webinar: Data Security in the Cloud vs. On-Premise – Analyzing the Facts