All SMEs including accounting firms have a common issue: security, with ransomware, data breaches, employee theft and scam artists becoming an increasing issue for all companies. Unfortunately, the security market is becoming more convoluted with merchants who only care about sales, as well as poorly made “silver bullets.” How do we keep our firms secure amongst all the noise? Well we simply have to seek out experts and keep ourselves informed.
One of the biggest debates when it comes to considering your data security is what do you use to share data? How do you share access to apps? Well, as Ping’s senior technical architect Sarah Squire explains, “the two best practices are to encrypt data when it is stored and when it is transferred. When transferring to a client, the client needs a private encryption key on their computer to decrypt the file.”
What is identity management and why do I need it?
Identity management may be a foreign concept to many of us, but this is another integral practice for securing your firm. Employing identity management means setting up identities for each member of a firm and giving them separate permissions for logging into your software.
A common solution to the use of identity management is a password manager, either locally or through the cloud. However, as Sarah Squire states “(Password managers are inferior) because a password manager is controlled by employees. You could have an employee who is a bad actor and you need to log them out of all their apps at once.”