Why CPA Firms Must Protect Their Emails
November 5, 2019
CPA emails are a goldmine for cyber criminals. The kind of confidential financial information that accounting firms hold is very lucrative, whether the money comes from holding the files for ransom or from selling the information on the dark web. Either way, CPAs need to protect their email with something stronger than basic spam filtering or antivirus. Here is what we recommend:
Email Encryption
This is a must-have for anyone who runs a business and sends important emails. Without encryption, you run the risk of your emails being out in the open for any prying eyes to read.
Encryption means that your emails are legible only to you and whoever has the encryption key, usually trusted members of the firm or the person you are sending the email to. If that email were to fall into the wrong hands along the way, the hacker would not be able to read its contents without the key. The email would appear to be an unintelligible mess of letters and numbers.
Wireless Lock Down
A concerning number of firms do not shut down or log off their computers when the user is away from their desk. If they’re just going to the kitchen to grab a coffee, that’s one thing, but if they’re gone for an hour for lunch, that opens up a lot of opportunities for someone to steal data and account information.
Even if firms know to do this with their computers, they often don’t know that this applies to wireless devices as well. These devices should always remain locked when not in use, and any connections to the company’s website should be turned off before leaving the device. Try to connect to corporate servers only through a VPN, and make sure to follow all security protocols.
Ransomware Protection
Notice we didn’t say antivirus. Antivirus and ransomware protection are two completely different things! The vast majority of antivirus products won’t do a thing against ransomware attacks, which is one of the reasons why ransomware has become such a hugely popular form of attack this year.
Ransomware protection takes a proactive approach, constantly scanning your files for anything that looks out of place or any sneaky changes. Antivirus, by contrast, usually gets to work only after something has infected your computer, by matching signatures against a database of existing viruses. Being attacked with ransomware means that your files, including emails, are held hostage by the hacker and that you’ll have to pay a fee of the hacker’s choosing to get them back. Even if you pay, that’s no guarantee you’ll get your files back or that you won’t get attacked again.
In Conclusion
For a CPA firm to protect their email, they’ll need to go above and beyond what people do with their personal computers. You will need to take an aggressive and proactive approach to making sure your emails stay yours. And as always, make sure all software is up-to-date! Running on old security patches is a huge security risk.
If you would like more information on stopping ransomware and protecting your emails, check out the TOSS C3 website and call us anytime at 1-888-884-8677.