Accounting For Trouble: How to Prevent Cyber Threats as an Accountant

Accounting For Trouble: How to Prevent Cyber Threats as an Accountant

The recent COVID-19 pandemic has put most of the world in some sort of lockdown. Curfews, stay-at-home orders, unemployment: these are but only symptoms of the pandemic. Another symptom? Remote work, or as most of you may know it as, working from home.

Businesses have decided that operating normally during COVID-19 is far from a good idea, so many workers have moved to a work-from-home setup. This isn’t that bad and actually does a good job of showing that many jobs can be done from home, but it does come with its own share of problems, namely security.

Since everyone is working from home, it’s impossible to hold everyone to certain security standards since they won’t be operating on one, secure network. And if you or an employee you work with is an accountant, a cybercrime could spell disaster for the business.

Infographic Provided By personal banking services company, Centier Bank

It’s no secret cybercriminals target both small and major businesses, and it’s also no secret small businesses never come out unscathed from these cyberattacks. An accountant being vulnerable to attacks on their network will only spell disaster. After all, accountants are often the primary targets of cybercriminals due to them holding the financial information of businesses and firms.

Fortunately, as an accountant, you don’t need to be vulnerable to cyberattacks. With a few, simple tips, you’ll be on your way to securing your workstation and the information stored on it.

1. Use a Virtual Private Network

A virtual private network (VPN) encrypts any information going to-and-from the device it is installed on. This might not sound like much, but you’d be surprised at how much data gets leaked and becomes vulnerable during the trip from device to the server.

I (personally) believe using a VPN is mandatory for remote workers. You’re not able to enforce strong network security in other people’s homes, and even if you could, your security may be lacking as well. A secure VPN connection will protect you, your data, and your business/firm. Some people don’t take advantage of the security benefits VPNs offer because of the price, but a little extra pocket change goes a long way when it’s you and your business’s finances on the line.

Since protecting your business is crucial, you shouldn't choose just any VPN. With so many of them online, it can get overwhelming to where you should start researching. Begin by learning the many types of VPNs made specifically for businesses.

One type of VPN that businesses may consider is a site-to-site VPN. These VPNs enable businesses to connect multiple locations securely and provide a virtual private network across their entire network infrastructure. Another option is a client-to-site VPN, which allows remote workers to access a company's network resources remotely.

However, managing individual VPN connections can become challenging as businesses scale and the number of remote workers increases. This is where VPN concentrators come into play. How VPN concentrators work is through a specialized networking device that provides a centralized and scalable solution for managing multiple VPN connections.

2. Educate Yourself and Your Coworkers

In the tech industry, there’s a certain term used to point out the weakest link in cybersecurity, PEBCAK, which stands for “Problem Exists Between Chair and Keyboard”. If you couldn’t tell, PEBCAK refers to the user of the computer. It’s true—the weakest link when it comes to our security is…ourselves. No matter how well educated we are in cybersecurity or the precautions we take, we’re not perfect.

But that’s why cybersecurity seminars exist. For a small fee, you can hire people to educate you and your coworkers/employees on how to protect themselves and the information stored on their devices; an accountant would benefit greatly from such a seminar.

There are also lessons online you can use to educate your accountant(s), so there’s no reason you shouldn’t at least brief them with a quick security overview. It only takes a few minutes and can save you thousands of dollars later down the line. Even if you feel educated enough, keep in mind that everyone needs a quick refresher every now and then.

3. Take Advantage of a Password Manager

Similar to VPNs, I encourage you to take advantage of password managers, also known as password lockers. These password managers do more than simply store your passwords—they encrypt your passwords and store them as hashes. These “hashes” make it impossible for cybercriminals to simply hack into your account and steal your passwords. In fact, the only way to access the passwords in a password locker is to login to the account itself, which isn’t such an easy task for most cybercriminals. In a way, your passwords are (mostly) invulnerable.

The best part? Most password managers are free. I use LastPass and have had nothing but good experiences with it. If you’re not currently using one, I implore you to change that soon, especially if you’re working from home.

4. Avoid Unsecured Conference Programs

Paying attention to the sudden resurgence of Zoom is almost surreal. Most businesses I’ve associated with throughout the years prefer programs like Skype—programs backed by major, trustworthy corporations.

However, while Zoom is easy to use and set up, it’s security is…how do I say, less than optimal. As an accountant, your conferences will probably involve some sensitive information, and the last thing you’ll want is for that information to leak outside of your conferences. If possible, stick with programs that have earned trust throughout years, like the aforementioned Skype. You know, programs designed for enterprise communications. Not doing so brings in unnecessary risk, especially if you’re working from home.

5. Encourage Strong Passwords

As an accountant, you probably use specific programs on specific accounts. Hey, you may have been given a work laptop while you work from home that can only be accessed with your login information.

If this is truly the case, you’ll be encouraged to use a strong password. And if you have any say in the matter, you should encourage your business or firm to enforce strong passwords through methods such as:
  1. Requiring a change in passwords every so often,
  2. Requiring passwords to contain symbols, numbers, and capital letters,
  3. And requiring passwords to of a certain length.
  4. This can be done from the server-side, and depending on your server configuration, it can definitely be enforced while everyone works from home.

6. Back-Up Important Data

Let’s say that, no matter the amount of precautions you take, a cybercriminal manages to hack through your systems and steals your data. In this instance, let’s say they go one step further and wipe the data. What do you do?

Well, if you and your firm kept backups, focus can shift towards damage control. However, if no backups have been made, you not only had your data stolen, but you also lost all of your records. Financial records are among the most important records a business must keep track of, so losing them can spell death for a business, especially smaller ones. Encourage frequent backups while everyone works from home, whether it’s to physical media or to a cloud service. Something is better than nothing, as the saying goes.

7. Use Anti-virus Software/ Anti-Phishing Software

Think back to the first tip I presented to you. You know, PEBCAK. The user, no matter who they are, represent the weakest link in the security chain. To remedy this, certain software acts as a “warning label” of sorts. Yes, I’m talking about anti-virus software.
While anti-virus software isn’t used as much as it was back in the early days of the Internet, it still has its own purpose. Not everyone can be trusted when it comes to security, meaning anti-virus software can keep viruses, malware, worms, and other harmful software from infecting your computer and subsequently compromising the information on it.

Certain companies also make anti-phishing software, which does exactly what it sounds like: protecting you and others from scams and suspicious sites. While definitely not required, anti-virus software can be a huge help. Plus, most are free, so there’s no reason not to try one out.


Being an accountant has its perks, but during this COVID-19 pandemic, you hold some of the most valuable information the business has—information many cybercriminals would love to get their hands on.

With these tips, you can keep you and your coworkers’ data safe from cybercriminals while working from home. I encourage you to adopt most, if not all, of these tips, as they can protect you for life.
Next Post Previous Post
No Comment
Add Comment
comment url