By now, we are all well aware that data breaches pose a serious risk to accountancy practices (so much so that a breach could put your firm out of business). We have also explored some practical actions you can take to reduce the risks — some of which you may already be doing.
But what if you don’t have the right people to carry out these critical projects? Or maybe you simply don’t have the time or capacity to do them?
Without the necessary resources, we often see firms stalling in cyber security best practice. But the risks to your clients are too significant to ignore.
Fortunately, there’s no need to worry: Pro Drive can help! Below we have highlighted some of the ways we are already working with accountancy practices to help them keep their data safe.
Managing your data
Putting robust processes and procedures in place is a monotonous but necessary part of running a business — especially when it comes to looking after the information and data you hold.
Data can be complex, held in various locations and requires handling in different ways. You cannot expect your staff to know or remember this; as such, it is important to document it for later use.
It can be difficult to know where to start when writing a system to manage your data. Then there is also the added pressure of ensuring everything you do is in line with GDPR.
Pro Drive can assist with this. Our knowledge of the accountancy sector enables us to provide appropriate templates to get you started. And if you want to demonstrate you are looking after your client’s information correctly, we can even help you become certified to the IASME Governance standard.
Looking after your passwords
Passwords are becoming an outdated method of securing our systems. Nevertheless, the majority of IT applications and websites still require their use, and until a widely adopted alternative emerges, they will remain an issue.
The main problem with passwords is memorising them. As such, many of us have got into a terrible habit of reusing them or writing them down to help us remember them — making them incredibly insecure.
So what can you do about it? Having a firm-wide system to manage your passwords helps to address the problem. Pro Drive can help you put best-in-class password management in place and train your team to use it.
Not only will this provide a secure vault to store your team’s passwords, but it will also increase productivity — allowing everyone to auto-log them instead of wasting time typing them in.
Great to know considering most applications are now accessed through the Cloud! And the best thing? A password manager can also provide reports on how secure your team’s passwords are, highlighting any issues.
Training your staff
As we have reported time and time again, people are by far the biggest weak link in an organisation’s cyber security. And yet, you’d be surprised how few firms have cyber security training programs in place. Especially when you think about how much emphasis is placed on CPD and other awareness training such as anti-money laundering.
Cyber security may not be the most engaging subject to your staff, but training in this area is critical to keep your firm safe. It is also relatively inexpensive, compared to many other cyber security initiatives.
At Pro Drive, we help our clients tackle this problem through an innovative cyber training platform which uses engaging videos that demonstrate real-world cyber security problems in a light-hearted way. We also send out simulated ‘phishing’ emails to ensure this threat remains at the forefront of everyone’s minds.
Getting your firm certified
Cyber Essentials is a UK Government standard for secure configuration of your IT systems which, if implemented, will prevent up to 80% of cyber-attacks. While it can be achieved through self-assessment, it does require some technical expertise, as well as in-depth knowledge and understanding of what the assessors are looking for.
Our Cyber Essentials services can help by translating the standard into a language you understand. We will also help you to identify practical ways, which are appropriate for your particular business, to help you comply. Finally, we’ll take care of the entire certification process — so you don’t have to worry about it!
“Pro Drive provided excellent support throughout the project, helped translate the technical terms into a language that made sense and suggested practical solutions to any obstacles encountered along the way.” Peter Ronayne — Director, Share Registrars
If you would like to know more about any of these solutions, please get in touch with us today.
Alternatively, if you are unsure whether they are right for you or confused as to where cyber security risks are in your firm (or if you even have them at all!), you might want to register for our upcoming workshop for senior partners and practice managers of accountancy firms.