march2021 - 12

THE LEADERSHIP ADVISOR

Security for a Work-FromHome World

IF YOU DIDN'T begin 2020 relying on cloud-based technology to allow you to work from anywhere, you almost certainly ended it that way. With a global pandemic forcing us to avoid group
gatherings, some offices went remote for the whole of the year and aren't thinking of returning
anytime soon. Even if you plan to reopen fully once it's safe to do so, it's unlikely you'll ever go

AMY VETTER, CPA.CITP, CGMA

Mindful Technologist &
Keynote Speaker
@AmyVetterCPA

back to an environment where work-from-home (WFH) isn't an integral part of your operations.
As such, it's probably time to ensure that your cybersecurity meets your current needs.
There are many ways to ensure
that your sensitive data is kept safe
from prying eyes, and the best plan
of action will vary depending on the
nature and size of your organization.
That being said, there are a number
of strategies that are worth exploring for all firms. You're probably
doing some of the items listed below,
but it doesn't hurt to brush up,
especially as your team members
are working from more places and
more devices than ever before.

EDUCATION
No matter how robust your suite of
technological defenses are, humans
will always be a vulnerable part of
the equation. Keeping your team
informed of standards and best

12

MARCH 2021 ■

practices will go a long way in keeping your data safe. Team members
should never use public wifi or plug
into public USB ports, like the ones
you find in the airport. And they
should never, ever open unsolicited
links, whether they come via email,
social media, text, or any other format. If they receive a dubious email,
such as one purporting to be from
a bank that doesn't feel quite right,
it's always better to exercise caution. You don't want to end up with
a phishing scam on your hands. You
can even run fake phishing scams
in order to test the vigilance of your
team. While you're at it, it wouldn't
hurt to encourage your clients to
engage in these practices as well.

www.CPAPracticeAdvisor.com

VIRTUAL PROTECTED
NETWORKS (VPNS) AND
MULTI-FACTOR AUTHENTICATION (MFA)
VPNs and MFA are two of the
easiest ways to add enhanced
security layers to your firm. A VPN
requires users to sign onto a specific
network in order to access certain
applications. In other words, a user
wouldn't be able to access their company data by simply being online;
they must sign onto your network in
order to do so. MFA requires users to
verify their identity in at least two
ways as a means of ensuring that a
single lost password can't compromise a network. Under the best MFA
systems, at least one authenticating
factor will be randomly generated

and time-sensitive, such as a code
sent to a phone or accessed through
an app like Duo. Stacking these
technologies, making a VPN accessible only through MFA, makes them
even more secure.

ZERO TRUST SECURITY
If you want to have the highest level
of security currently available, you
may choose to go with a Zero Trust
architecture. In a Zero Trust system,
no devices are ever considered to
be inherently safe. All devices and
users must prove their authenticity
at all times, use the most updated
patches of all software, with security assessing threats in real-time.
If you want to read more about the
specifics of Zero Trust, you can
follow the work of John Kindervag,
the thought leader who coined the
term. Microsoft also offers a helpful
diagram explaining the system.
The most important part of any
security system is making sure it is
implemented effectively and used
by all users at all times. There's
no reason a cloud-based operation
shouldn't be as secure as a terrestrial one, but in both cases, you have
to remain vigilant and stay up to
date in order to avoid catastrophe.
Data breaches are a threat to life of
any business, so there's no better
time than now to take a look at your
cybersecurity. ■


http://www.CPAPracticeAdvisor.com

march2021

Table of Contents for the Digital Edition of march2021

From the Editor: What Do You Hear When You Listen to Your Clients?
4 Tips for Firm Cyber Security in the Cloud
Get Off the Hackers' Hit List: Evolving Competencies for Finance Firms Today
From the Trenches: Client Experience for Today – Portals or Something More?
7 Tips to Prevent Tax Season Burnout
The Leadership Advisor: Security for a Work-From-Home World
The ProAdvisor Spotlight: Discover Two Key New Features in QuickBooks Online
The Labor Law Advisor: The Covid-19 Pandemic and Worker Mental Illness
The Millennial Advisor: Stop Selling: Who Needs Help?
The Staffing & HR Advisor: Finance Employment Trends in the Covid-19 Era
Apps We Love: Games
5 Reasons to Conduct a Retreat in 2021
Stay 3 Steps Ahead: Actionable Tips to Help You Prepare for a Turbulent Tax Season
AICPA News
Bridging the Gap: 4 Keys to Successful Technology Planning
march2021 - 1
march2021 - 2
march2021 - 3
march2021 - From the Editor: What Do You Hear When You Listen to Your Clients?
march2021 - 4 Tips for Firm Cyber Security in the Cloud
march2021 - Get Off the Hackers' Hit List: Evolving Competencies for Finance Firms Today
march2021 - 7
march2021 - From the Trenches: Client Experience for Today – Portals or Something More?
march2021 - 9
march2021 - 7 Tips to Prevent Tax Season Burnout
march2021 - 11
march2021 - The Leadership Advisor: Security for a Work-From-Home World
march2021 - The ProAdvisor Spotlight: Discover Two Key New Features in QuickBooks Online
march2021 - The Labor Law Advisor: The Covid-19 Pandemic and Worker Mental Illness
march2021 - The Millennial Advisor: Stop Selling: Who Needs Help?
march2021 - The Staffing & HR Advisor: Finance Employment Trends in the Covid-19 Era
march2021 - 17
march2021 - Apps We Love: Games
march2021 - 19
march2021 - 5 Reasons to Conduct a Retreat in 2021
march2021 - Stay 3 Steps Ahead: Actionable Tips to Help You Prepare for a Turbulent Tax Season
march2021 - AICPA News
march2021 - Bridging the Gap: 4 Keys to Successful Technology Planning
march2021 - 24
https://www.nxtbook.com/endeavor/cpapracticeadvisor/december2022
https://www.nxtbook.com/endeavor/cpapracticeadvisor/octobernovember2022
https://www.nxtbook.com/endeavor/cpapracticeadvisor/august2022
https://www.nxtbook.com/endeavor/cpapracticeadvisor/june2022
https://www.nxtbook.com/endeavor/cpapracticeadvisor/april2022
https://www.nxtbook.com/endeavor/cpapracticeadvisor/december2021
https://www.nxtbook.com/endeavor/cpapracticeadvisor/november2021
https://www.nxtbook.com/endeavor/cpapracticeadvisor/october2021
https://www.nxtbook.com/endeavor/cpapracticeadvisor/september2021
https://www.nxtbook.com/endeavor/cpapracticeadvisor/august2021
https://www.nxtbook.com/endeavor/cpapracticeadvisor/july2021
https://www.nxtbook.com/endeavor/cpapracticeadvisor/june2021
https://www.nxtbook.com/endeavor/cpapracticeadvisor/may2021
https://www.nxtbook.com/endeavor/cpapracticeadvisor/april2021
https://www.nxtbook.com/endeavor/cpapracticeadvisor/march2021
https://www.nxtbook.com/endeavor/cpapracticeadvisor/february2021
https://www.nxtbook.com/endeavor/cpapracticeadvisor/december2020
https://www.nxtbook.com/endeavor/cpapracticeadvisor/CPA_Practice_Advisor_November_2020
https://www.nxtbook.com/endeavor/cpapracticeadvisor/october2020
https://www.nxtbook.com/endeavor/cpapracticeadvisor/september2020
https://www.nxtbook.com/endeavor/cpapracticeadvisor/august2020
https://www.nxtbook.com/endeavor/cpapracticeadvisor/CPA_Practice_Advisor_July_2020
https://www.nxtbook.com/endeavor/cpapracticeadvisor/CPA_Practice_Advisor_June_2020
https://www.nxtbook.com/endeavor/cpapracticeadvisor/may2020
https://www.nxtbook.com/endeavor/cpapracticeadvisor/CPA_Practice_Advisor_April_2020
https://www.nxtbook.com/endeavor/cpapracticeadvisor/CPA_Practice_Advisor_March_2020
https://www.nxtbook.com/endeavor/cpapracticeadvisor/february2020
https://www.nxtbook.com/endeavor/cpapracticeadvisor/december2019
https://www.nxtbook.com/endeavor/cpapracticeadvisor/november2019
https://www.nxtbook.com/endeavor/cpapracticeadvisor/october2019
https://www.nxtbook.com/endeavor/cpapracticeadvisor/september2019
https://www.nxtbook.com/endeavor/cpapracticeadvisor/august2019
https://www.nxtbook.com/endeavor/cpapracticeadvisor/july2019
https://www.nxtbook.com/endeavor/cpapracticeadvisor/june2019
https://www.nxtbook.com/endeavor/cpapracticeadvisor/may2019
https://www.nxtbook.com/endeavor/cpapracticeadvisor/april2019
https://www.nxtbook.com/endeavor/cpapracticeadvisor/march2019
https://www.nxtbook.com/endeavor/cpapracticeadvisor/february2019
https://www.nxtbookmedia.com