Beware of the Big Bad Wolf

 

As for the three little pigs, security is a big issue for accounting firms.

This security issue has been a hot topic this week with the furore surrounding Google’s new (lack of) privacy policy.

Question: How do you know you’re not being phished or hacked? Who else is reading the e-mails you send?

Answer: We just don’t know.

Unless your firm is big enough to have a dedicated IT team, there are probably holes. Even so, firms with IT teams tend to solve the security issue by banning everything – ban Facebook, ban instant messaging, ban web apps, ban Google – and I’m not convinced that this is the answer either.

Regardless of firm size, how do you monitor the Facebook Chat conversation that your employee has with a client at 10 o’clock at night? Maybe it doesn’t matter. Maybe it does: what happens when the client makes a formal complaint in 6 months time about the written advice that your employee has given them? You’ve got nothing to show on your files and your employee has no recollection.

What is the answer then?

The accounting industry seems to be unavoidably pushed towards new ways of storing data and communicating with clients. The answer seems to be to take control – and I don’t mean just banning everything!

Sharing information with clients via secure areas such as Dropbox or portals seems to be an obvious starting point. Law in the US already prevents sensitive information being sent via e-mail, you would imagine UK or EU legislators won’t be too far behind.

Secondly, if clients enjoy interacting with you and your team via Instant Messaging, why don’t you chat on your own platform. Companies like Cleartext who are used to working with professional services companies and are able to provide you with your own secure platform for online collaboration in a reasonably cost-effective manner.

When I asked Cleartext's MD David Banes what he saw coming for the small business community, his view was that "being a small business is no excuse for taking a lax stance toward security, whether for on premise software or cloud-based services. You have to ask do you have a strategy that will sufficiently address every platform used in our organisation, including email, social media, instant messaging, Web browsing, desktop computers, laptops, tablets, employees’ personally-owned devices, etc.?"

If you’re reading this thinking, I don’t understand this techno-babble, you're not alone, but we need to, this is coming and is the way the Facebook Generation expects to interact.

If you’re reading this thinking that we never had these problems when everything was done by post and fax, I don’t imagine sending backups about on CDs or memory sticks is the answer either!

Let me know how you’re keeping the big bad wolf from your door, I’m really keen to hear how anyone else is addressing this issue.

Add comment
Log in or register to post comments