High-profile data breaches that are reported in the media have put security and privacy more in the public conscious. It’s more likely than not that potential clients will have hesitations and concerns when you ask them to share their personal information with you.
As a CPA, you may not be an expert on cybersecurity, but nowadays, most clients expect you to be, now that the industry has moved more and more into the digital realm.
Concerns over cybersecurity may lead clients to question how you personally handle their data, so you want to be prepared to assure them that you apply the best practices when it comes to protecting their personal information.
When sharing essential documents with your client, they may be upset if you send them directly to their email on an attachment. Email is far from the most secure method of sending data and is vulnerable to being breached or intercepted by outside parties. Emails are good for general communication, but when you send an attachment, not only is it susceptible to being received by someone else but a copy of the document is usually stored on both yours and your client’s email servers, leaving two places for hackers to breach and take their data.
The best solution to ease the client’s wariness of email is to present them with a secure file-sharing solution. Rather than sending a document over as an email attachment, a secure file-share service sends an email to the client with a link that brings them over to your document management interface. This creates a highly encrypted connection between your system and the client’s computer where they can download the document directly to their hard drive without having to deal with a third-party service.
Likewise, they can also upload documents you request through this secured connection. You can send an email requesting the necessary documents that will bring them to your interface where they make the upload directly to the location and folder you request.
Clients want to know that only you and a handful of others have access to their information. When working with a large firm, they may have concerns about that many people having access to their data. It’s true that many data breaches come from internal sources, such as when someone in the company accidentally reveals their login information to an outsider who takes advantage of their access.
You need to be able to assure clients that only you have access to view their data. You can do this by using a system that has explicit permission settings for individual documents as well as whole groups of documents. Permission tools can enable you to lock out any user from viewing documents you upload to your designated cabinet and give selective access to a selected few. There are different levels of access you can grant, including permissions to view, to download and to write. So even if someone uses an employees user login to access the system, they won’t even be able to see your client’s documents in the system.
The last thing you want is to backup your client’s data to outdated media like a CD or flash drive. These can be lost, stolen or broken. An external server is better, but if it’s onsite, then it’s still vulnerable to the same threats that your office computer is. It’s wise to have multiple backups that are located in separate locations. Clients may ask you about how you backup data, and if you don’t have a good answer, it’s not going to look good.
Having a system that automatically does consistent backups to multiple off-site locations for you is not only secure, but allows you to focus on other tasks.
eFileCabinet is a document management system that utilizes all of these tools to allow you to assuage clients’ fears to let them know you take their privacy and data security seriously.
To read more about what clients expect from their CPAs, download our eBook Tech-Savvy Clients Are Going to Ask You Tough Questions.