Technology and Taxes: The Accountant’s Responsibility by Gurjit Singh In the world we live in today, the only way to avoid becoming a victim to malware and/or identity theft is to disconnect yourself and your workstation from the internet. Unfortunately, in today’s business environment, that is not an option. Accounting firms maintain a significant amount of personal data on behalf of their clients, ranging from financial records to personally identifiable information. Keeping this data safe is a real concern for every single organization that houses it; the question is, are you following best practices to minimize your risk of a breach?
perimeter, hardening the endpoints with application whitelisting policies and subscribing to advanced threat protection services, is still at risk through the human end-user. People are the first line of defense against cybersecurity attacks. Hackers are smart; they will start where the path to success does not require penetrating through layers of security. Instead, they rely on an attachment or a hyperlink that will grant them the level of access they need without breaking a sweat. One way hackers accomplish their goals is by engaging their target in a phishing expedition. Phishing scams are a popular way for hackers to try to get your personal information, and, if successful, hackers don’t have to do anything to get into your account other than send you an email.
Email Vigilance The Risk There is no way to be completely sure that a system is impenetrable and safe from a cybersecurity threat; however, exercising best practices can turn the difficult task into a manageable event. Threats will continue to emerge and impact those that do not establish a strategy with best practices. First and foremost, the highest risk is posed by the human end-user. Even a firm with the most wellplanned and well-funded technology investment, including safeguarding your
Email is another means of information transfer where one needs to be vigilant. Did you know that if you or a member of your organization receive emails that contain sensitive information and ignore the email, neither deleting nor reporting the incident, the entire
MARCH/APRIL 2020 AZ CPA
17
