10 Cybersecurity Practices That Create the Best Remote Environment
As firms work remotely and cloud applications become central to how they operate, accountants should be thinking about cybersecurity in new ways. As they say, the best defense is a good offense. What protected you from attackers in the past is likely no longer sufficient as attack methods grow more sophisticated. There are, however, many cybersecurity strategies and controls that accounting firms can implement to significantly reduce the likelihood of a successful attack and to limit the damage if attackers do gain access to systems. Here are ten.
Password requirements
Passwords are the first line of defense against unauthorized access to systems and information. Set requirements that favor length over forced complexity: a minimum of 12 characters (longer passphrases are better), screening against lists of common and previously breached passwords, and no reuse across services, ideally enforced with a firm-approved password manager. Current guidance (NIST SP 800-63B) advises against forcing changes at fixed intervals, because scheduled rotation produces predictable variations of the same password; instead, require a change whenever a password is known or suspected to be compromised.
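The following Python policy check is an added example, not code from the article or from any product it mentions. It implements the length-first, blocklist-screened approach described above: a minimum length, a screen against a (here deliberately tiny, constructed) list of common passwords including the usual "word plus digits" variations, a check that the username is not embedded, a repeated-pattern check, and a rough entropy estimate. The blocklist and thresholds are illustrative assumptions; a real deployment screens against a full breached-password corpus.

```python
from __future__ import annotations

import math
import re
import unicodedata

# Constructed, illustrative blocklist (assumption for this example). A real deployment
# screens against a large breached-password corpus such as the Have I Been Pwned set.
COMMON_PASSWORDS = {
    "password", "password1", "123456", "12345678", "qwerty", "letmein",
    "welcome", "admin", "iloveyou", "monkey", "dragon", "football",
}
MIN_LENGTH = 12        # length matters more than forced symbol mixing
MAX_LENGTH = 128       # long enough for passphrases, short enough to bound hashing cost
MIN_ENTROPY_BITS = 50.0


def estimate_entropy_bits(password: str) -> float:
    """Upper-bound guess of randomness from the character classes used.

    It assumes each character was drawn uniformly from the observed classes, so
    dictionary-based passwords score higher here than they deserve; the blocklist
    and pattern checks in check_password exist to catch those cases.
    """
    pool = 0
    if re.search(r"[a-z]", password):
        pool += 26
    if re.search(r"[A-Z]", password):
        pool += 26
    if re.search(r"[0-9]", password):
        pool += 10
    if re.search(r"[^a-zA-Z0-9]", password):
        pool += 33  # printable ASCII punctuation and space
    return len(password) * math.log2(pool) if pool else 0.0


def check_password(password: str, username: str = "") -> list[str]:
    """Return the list of policy violations; an empty list means the password is accepted."""
    pw = unicodedata.normalize("NFKC", password)  # treat look-alike Unicode forms alike
    problems: list[str] = []
    if len(pw) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if len(pw) > MAX_LENGTH:
        problems.append(f"longer than {MAX_LENGTH} characters")
    lowered = pw.lower()
    core = lowered.rstrip("0123456789!@#$%^&*.?-_")   # "Password123!" -> "password"
    if lowered in COMMON_PASSWORDS or core in COMMON_PASSWORDS:
        problems.append("appears in the common/breached password list")
    if username and username.lower() in lowered:
        problems.append("contains the username")
    if re.fullmatch(r"(.)\1+", pw) or re.fullmatch(r"(..+?)\1+", pw):
        problems.append("is a single repeated character or pattern")
    if estimate_entropy_bits(pw) < MIN_ENTROPY_BITS:
        problems.append(f"estimated entropy below {MIN_ENTROPY_BITS:.0f} bits")
    return problems


if __name__ == "__main__":
    for candidate in ["Password123!", "short", "correct horse battery staple"]:
        verdict = check_password(candidate) or ["accepted"]
        print(f"{candidate!r}: {', '.join(verdict)}")
```

Note that "Password123!" satisfies every classic composition rule (upper, lower, digit, symbol) and still fails, while a four-word passphrase with no symbols passes: that is the point of screening against known-bad passwords rather than mandating character classes.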
Multifactor authentication policy
Multifactor authentication is one of the best ways to prevent unauthorized access to email accounts and systems. An MFA policy requires a user to present two different kinds of evidence to log in, not only a password: typically something they know (the password) plus something they have (an authenticator app, hardware token or security key). This stops most attacks that rely on a stolen or guessed password alone. Prefer app-based codes or, better, FIDO2/WebAuthn security keys over SMS codes, which can be intercepted or phished, and enforce MFA on every externally reachable login, especially email and remote access, where attackers look first.
Role-based access control
Role-based access control restricts each user's access rights solely on the basis of the role they play in the organization: permissions are granted to roles, users receive only the roles their job requires, and everything else is denied by default. It is one of the building blocks of a zero-trust model, in which every request is verified on the basis of identity, device and context rather than network location ("never trust, always verify"), but it is not the same thing. Review role assignments regularly, especially when staff change jobs or leave, so that entitlements do not accumulate.
Strong encryption at rest and in transit
Strong encryption is crucial to protecting your data from outside eyes, and you need to be sure that your data is protected regardless of where it is or how it is being used. Encrypt data at rest, where it resides on disks, in databases and in backups, and in transit, while it moves between locations, which in practice means TLS for every connection, including those between your own systems. Equally important is knowing who can use the encryption keys at all times. Encryption at rest protects against lost laptops and stolen disks, not against an attacker using an account that is allowed to read the data, so keep keys in a dedicated key management service or hardware module, restrict and log access to them, and rotate them on a schedule and on suspected compromise.
Patch management and regular vulnerability scanning
A crucial aspect of security is always knowing what systems are connected to your network and ensuring they are up to date. Regular vulnerability scanning will enumerate those systems for you, including the ones nobody remembered, along with the known vulnerabilities in the software versions they run. Patch management then identifies and installs the missing updates. Prioritize by exposure and exploitability: internet-facing systems and vulnerabilities that are being actively exploited come first. Scanning finds the problems; only the confirmed installation of the patch, verified by a rescan, closes them.
Network architecture and boundary protections
Preventing attacks requires understanding the structure of your systems and networks. Network architecture is the physical and logical components of your technology stack and how they are configured, organized and interconnected, including how they are segmented so that one compromised workstation cannot reach every server. Boundary protections are the controls, such as firewalls, secure remote-access gateways and traffic filtering, that monitor and control communications at the network's external boundaries to prevent infiltration. With a remote workforce that boundary increasingly runs through each employee's device and identity rather than a single office perimeter, so remote-access and cloud entry points deserve the same scrutiny.
Audit logs
Spotting anomalies in networks and systems requires keeping detailed records of activity: who logged in, from where and when, failed attempts, privilege changes and access to sensitive data. Audit logs are critical to collecting information on security incidents in order to analyze them, reconstruct the attack to identify the weaknesses that were used, and determine whether changes are needed going forward. They are only useful if they survive the incident, so forward them to a central store the attacker cannot edit, keep clocks synchronized so that events from different systems can be correlated, and retain them long enough to investigate intrusions that are discovered months later.
Proactive security monitoring with AI behavior-based protection
Proactive security monitoring is crucial to detecting threats before they wreak havoc on your systems. Behavior-based security tools, including those that incorporate machine learning, build a baseline of normal activity for each user and system and then flag deviations from it, such as a login from an unfamiliar location, a burst of failed authentications or an unusual volume of data leaving the network, and can respond automatically as soon as something is detected. Such tools still need a quiet period to learn the baseline, tuning to keep false positives manageable, and someone who actually reviews and acts on the alerts.
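As an added example that is not part of the article, the Python below illustrates the preceding two sections together. It parses constructed audit-log lines (invented for this example, in a simple key=value format that stands in for your identity provider, VPN or SSH logs), learns a per-user baseline of source addresses and login hours from a week of "normal" records, then flags what a behavior-based monitor would alert on in the new day's records: a burst of failed logins, a success immediately following it, a never-seen source address and an off-hours login. The log format, thresholds and sample content are all assumptions made for the example.

```python
from __future__ import annotations

import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records in a simple key=value format; not from any real system.
# BASELINE_LOG stands for a week of normal activity, NEW_LOG for the day being monitored.
BASELINE_LOG = """\
2020-08-17T08:55:02Z user=alice src=203.0.113.10 action=login result=success
2020-08-17T09:01:40Z user=bob src=203.0.113.22 action=login result=success
2020-08-18T08:58:13Z user=alice src=203.0.113.10 action=login result=success
2020-08-18T13:12:07Z user=bob src=203.0.113.22 action=login result=success
2020-08-19T09:03:55Z user=alice src=203.0.113.11 action=login result=success
2020-08-20T10:20:00Z user=bob src=203.0.113.22 action=login result=success
"""
NEW_LOG = """\
2020-08-24T09:02:11Z user=alice src=203.0.113.10 action=login result=success
2020-08-24T02:14:03Z user=bob src=198.51.100.77 action=login result=failure
2020-08-24T02:14:09Z user=bob src=198.51.100.77 action=login result=failure
2020-08-24T02:14:15Z user=bob src=198.51.100.77 action=login result=failure
2020-08-24T02:14:21Z user=bob src=198.51.100.77 action=login result=failure
2020-08-24T02:14:27Z user=bob src=198.51.100.77 action=login result=failure
2020-08-24T02:14:33Z user=bob src=198.51.100.77 action=login result=success
this line is malformed and must not crash the parser
"""

LINE_RE = re.compile(r"^(?P<ts>\S+) user=(?P<user>\S+) src=(?P<src>\S+) "
                     r"action=(?P<action>\S+) result=(?P<result>\S+)$")
FAIL_THRESHOLD = 5                   # this many failures from one (user, source) ...
FAIL_WINDOW = timedelta(minutes=2)   # ... inside this window counts as a brute-force burst
HOUR_SLACK = 2                       # more than this many hours from every baseline hour = off-hours


def parse(log: str) -> list[dict]:
    """Parse key=value lines into events sorted by time; malformed lines are skipped."""
    events = []
    for line in log.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            ev = m.groupdict()
            ev["ts"] = datetime.strptime(ev["ts"], "%Y-%m-%dT%H:%M:%SZ")
            events.append(ev)
    return sorted(events, key=lambda e: e["ts"])


def build_baseline(events: list[dict]) -> dict[str, dict]:
    """Per-user profile of normal behaviour: sources and hours of successful logins."""
    profile = defaultdict(lambda: {"srcs": set(), "hours": set()})
    for ev in events:
        if ev["action"] == "login" and ev["result"] == "success":
            profile[ev["user"]]["srcs"].add(ev["src"])
            profile[ev["user"]]["hours"].add(ev["ts"].hour)
    return dict(profile)


def hours_apart(a: int, b: int) -> int:
    """Distance between two hours of the day on a 24-hour circle (23 and 1 are 2 apart)."""
    return min(abs(a - b), 24 - abs(a - b))


def detect(events: list[dict], baseline: dict[str, dict]) -> list[tuple[str, str, str]]:
    """Return (timestamp, user, reason) alerts for deviations from the baseline."""
    alerts = []
    failures: dict[tuple, list] = defaultdict(list)   # (user, src) -> recent failure times
    for ev in events:
        if ev["action"] != "login":
            continue
        user, src, now = ev["user"], ev["src"], ev["ts"]
        stamp = now.isoformat()
        # Keep only the failures still inside the sliding window for this user/source pair.
        burst = failures[(user, src)] = [t for t in failures[(user, src)] if now - t <= FAIL_WINDOW]
        if ev["result"] == "failure":
            burst.append(now)
            if len(burst) == FAIL_THRESHOLD:
                alerts.append((stamp, user, f"{FAIL_THRESHOLD} failed logins within "
                                            f"{FAIL_WINDOW.seconds // 60} min from {src}"))
            continue
        if len(burst) >= FAIL_THRESHOLD:
            alerts.append((stamp, user, "successful login right after a failure burst (possible brute force)"))
        prof = baseline.get(user)
        if prof is None:
            alerts.append((stamp, user, "first successful login ever seen for this account"))
            continue
        if src not in prof["srcs"]:
            alerts.append((stamp, user, f"login from source {src} never seen in baseline"))
        if all(hours_apart(now.hour, h) > HOUR_SLACK for h in prof["hours"]):
            alerts.append((stamp, user, f"login at {now.hour:02d}:xx UTC, outside usual hours {sorted(prof['hours'])}"))
    return alerts


def run_example() -> list[tuple[str, str, str]]:
    """Learn the baseline from BASELINE_LOG, then scan NEW_LOG."""
    return detect(parse(NEW_LOG), build_baseline(parse(BASELINE_LOG)))


if __name__ == "__main__":
    for stamp, user, reason in run_example():
        print(f"{stamp} {user}: {reason}")
```

Running it produces four alerts, all for bob, and none for alice, whose login matches her baseline. The rules here are fixed thresholds so the logic stays readable; a commercial behavior-based product replaces them with learned statistics, but the ingredients are the same: parse the audit records, establish what normal looks like, and alert on the deviation. Every rule depends on the fields being logged in the first place, which is why the previous section matters.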
Third-party audits and penetration tests
Cybersecurity threats aren't limited to your own systems. Most accounting firms work with several third-party vendors, including cloud providers, which offer alternative avenues of access to firm systems and data. Firms should regularly review those third parties to ensure that their security measures meet firm standards, for example by obtaining their independent audit reports (SOC 2 or ISO 27001) and asking how they handle incidents. Penetration testing against a vendor's own infrastructure requires the vendor's explicit authorization; what you can and should test is your own use of their service, such as the configuration of your cloud tenant and the accounts and integrations that connect it to your systems. Separately, have an independent tester run a penetration test against your own environment at least annually and after major changes, check whether your defenses noticed the simulated attack, and fix what was found.
Backups and other resilience planning
If an attack happens, firms need a plan for recovering both data and applications. This requires having backups in place, but your strategy should go further. Keep at least one backup copy offline or immutable so that ransomware that reaches your network cannot encrypt or delete it, test restores regularly (a backup that has never been restored is an assumption, not a plan), and decide in advance how quickly each system must be back and how much data loss is acceptable. IT resilience planning also covers tools that automatically isolate affected systems or fail over to a standby as soon as an issue arises, so that restoring from backup becomes the last resort rather than the first.
(Source: AccountingToday – Best of the Week – August 29, 2020)