CNA’s Nick Graf, Risk Control Consulting Director, and Sarah Beckett Ference, Risk Control Director, recently co-wrote “Controlling your data: Use these controls to secure your firm’s critical information,” a Journal of Accountancy® article that examines controls to secure CPAs’ critical data from cybercriminals.
Controlling Your Data by Nick Graf and Sarah Beckett Ference, CPA
Target. Home Depot. Anthem. The IRS. The U.S. government. Numerous hospitals and universities. The commonality? All have been the victims of headline-splashing cyberattacks that led to the breach of confidential data. With so many cyberattacks in the news, many CPA firms may wonder, "Are we next?"
CPA firms can be a treasure-trove of information for cybercriminals. Firms routinely collect sensitive information from both clients and employees, including Social Security numbers, bank account information, earnings and business information, and, if the firm accepts credit cards as payment, credit card numbers. All of this information requires protection under professional standards and various state and federal laws and regulations.
Most firms have acknowledged that data security represents a critical risk requiring careful management. However, implementing controls over data security can be unfamiliar territory with a daunting vernacular. This can be especially challenging for sole practitioners or firms without dedicated IT resources. To help get started, consider implementing these baseline security measures.
Continue reading the full article on Journal of Accountancy’s website.
This material is reprinted with permission from Journal of Accountancy © 2016. All rights reserved.