The thought of building a data security plan for your accounting, bookkeeping or tax preparation practice might feel daunting. But if you take the project one step at a time, you will have a written plan (as urged by the IRS), your clients' data and information will be safer, and you will have less risk as a practitioner. This is step three of your roadmap.
There are six components to a data security plan.
- Install and update antivirus software that scans files and memory for malware
- Use firewalls to shield your computer or network from malicious traffic or malware
- Use two-factor authentication to secure email, accounting software or any password-protected product
- Routinely back up critical files to a secure external hard drive or cloud storage service
- Encrypt files on computers and removable media
- Write down your data security plan as required by the Federal Trade Commission's Safeguard Rule 5
Step 3: Two-Factor Authentication
Protecting your systems and programs with multi-factor authentication during the sign-in process adds an extra layer of protection and reduces the chance of a hacker accessing your systems. Most email providers, accounting software and other password-protected programs you use offer the ability to turn on two-factor or even three-factor authentication. Unfortunately, you usually need to be proactive and turn multi-factor authentication on yourself.
There are different types of multi-factor authentication. However, according to the IRS, you should opt to turn on multi-factor authentication every time it is available. Although this will require you to take an additional step after entering a password - often a security code sent via text - the benefit of protecting your data far outweighs the seconds it takes to enter that security code.
Action Items for You
1. Make a checklist list of all of your password-protected programs.
2. Prioritize your programs based on sensitive client data they contain.
3. Enter the settings panel for each program and turn on multi-factor authentication (if available).
If you use Microsoft 365 in your practice, this article will explain how to protect your Microsoft accounts.
Note: If you have questions about the security of your business or Microsoft accounts, contact Woodard Consulting Group and our team will help you plan a successful and modern security plan.