Data Security Issues Accounting Firms Must Address Before Moving Their Accounting To The Cloud
With the emergence of cloud computing, social media, and blogging, accounting firms have found new ways to collaborate and conduct business with their clients. Unknowingly, much of the data now resides on the internet. Cloud computing has provided these accountants an opportunity to work anytime and anywhere. With the use of devices with capability to connect to the internet, accounting applications and data can now be accessed through a web browser.
Because of this great benefit of cloud computing, concerns about the security of accounting data are also being raised. Accounting data must be protected from entities who want to use the data for their fraudulent transactions. The data must also be protected from unauthorized private or government invasion. Due to the lack of security standards and the possibility that the accounting data can be located anywhere around the globe, data security may be difficult to manage especially when each country has its own laws and regulations about it. There are, however, certain steps which an accounting firm can take in order to ensure the confidentiality and security of their data.
Social networking and blogging are now being used as an effective way of communicating with clients. In order to ensure data security and confidentiality, anyone assigned to publish comments and posts in blogs and social networking sites must be educated so that he can practice common sense in sharing facts, updates, and comments in these sites. By adhering to this simple step, an accounting firm can greatly reduce the possibility of breach of data confidentiality and security.
Accounting firms may find it difficult to secure their data when they don’t know where their data is located in the clouds. Working out the data security details with cloud computing providers can be a great way to maintain confidentiality and security of accounting data. It is important that accounting firms know where their data will be located at the initial phase of evaluating cloud computing providers because some countries may have inadequate laws and regulations to protect the said accounting data. Some countries, especially in the European Union, have started aligning their data laws and have taken steps to strictly protect data confidentiality.
In evaluating cloud providers, an accounting firm must consider availability, integrity, and confidentiality. The cloud provider must be able to ensure almost a 100% uptime so as not to disrupt the firm’s business temporarily. Safeguards must be in place to provide an assurance that only authorized individuals can access the data center configurations and applications so that data integrity won’t be affected. Internal controls must be also be implemented to promulgate policies with regards to segregation of data, authentication of users, and authorization of user access. In general, a reputable cloud computing vendor can provide a higher level of data confidentiality. The accounting firm may review the cloud service provider’s policies regarding confidentiality before taking advantage of the cloud computing service.
Finally, in order to address liability for intangible losses related to privacy breaches and data loss, there are cyber liability insurance policies available to address this need because other existing policies like errors-and emissions and commercial general liability do not cover such intangible losses. A lot of companies are taking advantage of such insurance policy so that they can restrict their liability to 3rd parties which may be affected in case intangible losses occur. Some insurance policies also pay for expenses which are incurred to control the damage after each loss.
Although cloud computing can offer scalability and flexibility, it does expose its users to possible and unpredictable breaches of data security and privacy. Thus, an accounting firm must exercise caution in taking advantage of the service. Before surrendering accounting data and applications to cloud providers, the accounting firm must ensure that it addresses liability, data security, and privacy with its chosen cloud computing supplier.
Florence de Borja