Documente Academic
Documente Profesional
Documente Cultură
www.entigrity.com
INTRODUCTION
2017 ACHIEVEMENTS
www.entigrity.com
IMPORTANCE OF CYBER SECURITY FOR SMALL
AND MID-SIZED ACCOUNTING FIRMS
www.entigrity.com
THE CHALLENGE
Cybercriminals usually target small- and medium- sized accounting firms on the grounds that, these orga-
nizations tend to give relatively lesser emphasis to data security, controls, and risk evaluations; they are
therefore more vulnerable than bigger firms. In many cases, firms don’t have enough staff in the IT func-
tion, and not all staff have the mastery to spot these issues, which can prompt further risks. Chief account-
ing officers (CAOs), chief financial officers (CFOs), treasurers and controllers are especially at risk since
they are both effortlessly identifiable on the web, and are most likely to conduct online banking transac-
tions for their practices. Any savvy cybercriminal also knows the steps for hijacking access to accounts, as
well as the security features associated with online banking.
www.entigrity.com
WHY ACCOUNTING FIRMS ARE
AT HIGH RISK FOR CYBER ATTACKS?
www.entigrity.com
WHY ACCOUNTING FIRMS ARE
AT HIGH RISK FOR CYBER ATTACKS?
www.entigrity.com
TOP 10 THINGS
ACCOUNTING FIRMS
CAN DO TO PREVENT
CYBER THREATS
UPDATE THE OPERATING SYSTEM
Whether you run on Microsoft Windows or
Apple Mac OS X, the operating system requires
frequent or rather contiguous updates for
strengthened security. System updates are
especially significant for server operating sys-
tems where all patches and updates require to
be looked into, and refreshed on a repeating
plan. Regular updates of OS upgrades firewalls
and anti-spyware in your workstations and pro-
vide for more trusted protections against
threats.
EMAIL SECURITY
Many accounting firms rely on email to commu-
nicate with clients, even to send tax documents
or personal data. As email hacks have become
increasingly common, it is significantly neces-
sary than ever to secure professional email
accounts, especially when transmitting import-
ant documents. This has also raised the
To competently perform requirements for efficient encryption software,
rectifying security service, which is hard to decrypt by an untrusted third
party.
two critical incident
response elements are nec- More than 90% of cyber-attacks begin with a
essary: information and phishing email. A vast majority of people open
an email from an unknown individual’s name,
organization.
without browsing or verifying the actual send-
er’s email address. Having your email shielded
from unauthorized access is of prime impor-
tance. One approach of it is to turn on two-part
authentication, major email services- such as
Gmail, Microsoft Office, and Yahoo offer such
stringent security features.
www.entigrity.com
ANTIVIRUS UPDATES
INTERNET SECURITY
www.entigrity.com
ENCRYPT BACKUP DATA
EDUCATE EMPLOYEES
www.entigrity.com
WIRELESS SECURITY
www.entigrity.com
TEST SECURITY MEASURES
BYOD POLICIES
www.entigrity.com
REMOTE WORKING AND CYBER
SECURITY
www.entigrity.com
FOUR Cs
ENTIGRITY's 4 PILLARS OF
CONFIDENTIALITY
CERTIFICATION
Entigrity is an ISO 27001 certified organization,
which enforces we take all the necessary mea-
sures for securing all confidential data. We em-
phasize on providing 100% safety to all client
data that is disclosed to us as part of work assign-
ment.
COMPLIANCE
Our practices are in compliance with the mea-
sures and practices, which help us do away with
cyber threats. Let's have a look at each of them.
BEING PAPERLESS
Entigrity is a completely paperless office. This
means that no pen, paper, printer, or any statio-
nery is not allowed inside the office, particularly in
the work areas. Also, we follow a clean desk
policy where every employee is required to keep
minimum articles. It is not possible to take note of
anything or print any information, or even carry it
outside the office!
www.entigrity.com
NO PERSONAL EMAILS
DISABLED USB
scope, and imagine how to All the work areas are “no mobile phone” zones.
No employees are allowed to carry their mobile
ensure a 'known and con-
devices to the work areas. The mobile phones are
sistent' risk level with deposited in secured lockers outside the work
in-house and outsourced areas, and can be used only outside the office
premises. The clients can communicate with their
means. remote staff over secured VOIP lines, if and when
they need to make a call using their phones. All
communication is secure, and is again monitored
on a regular basis by the IT Admin team.
www.entigrity.com
KEY CARD ACCESS
All the work areas in Entigrity’s office are elec-
tronically locked, and need access cards to
unlock. Only those employees are allowed to
enter a work area who have their workstation
there. Apart from that every other access is
prohibited. At times, access is granted to sub-
ject experts upon permission from supervisors
or managers but that is only limited to certain
time, when the need arises or when required
by clients. These activities are monitored by
the Admin with the help of internal electronic
surveillance.
24X7 SURVEILLANCE
The whole premise of Entigrity is under 24X7
CCTV surveillance, both the exterior and the
interiors. Every work area, has at least 2 secu-
rity cameras installed so that we can keep an
eye on every activity taking place at the office.
If you want to build security,
The Admin team tirelessly keeps monitoring
avoid straining people to daily activities to keep any unwanted activity
respect complex security taking place, and maintain the integrity of the
tasks, but rather teach them cyber security intact.
www.entigrity.com
COMMITMENT
Entigrity believes in providing transparency to
the claims we put forth towards our clients.
While working for CPAs and Accounting firms,
protecting their data is as important as it is for
our own. Hence, we sign up with a Non-Disclo-
sure Agreement with every client. This binds us
ethically, professionally, and legally to protect
the confidentiality of the data that is being
shared with us.
www.entigrity.com
CREDIBILITY
After having worked with hundreds of clients
from across the nation, we have had a
tremendous record of ZERO security breach-
es into confidential data of clients. We take
pride to share numerous client success sto-
ries, testimonials and reviews from our clients,
which are consequently, our stories of out-
standing achievements in data security and
quality of service. Several clients have taken
their time to visit our operations Centre in
India, and have found the offices to be very
stringently safeguarding critical, sensitive
client data / information. We have often heard
from our clients that our office is more secure
than that of their own!
www.entigrity.com
CONCLUSION
All professionals owe a duty to their clients,
managers, and other employees to address
digital security. Being aware of breaches at
other companies is not enough, nor is
crisis-mode response to security problems at
your own organization. Active contribution is
key to addressing the risks of illegal cyber
activities: Understand your data and focus
efforts on the most critical information, imple-
ment encryption, become compliant with Cy-
bersecurity regulations, educate employees
about mobile devices, and devise a basic set
of desktop security policies. These steps are a
good first start, but they do not completely
cover the gamut of standards and protocols
seen in a high-security Cyber Security Risk
Management System.
Much of America's most For the accounting firms, who are also having
sensitive data is stored on their teams working from remote locations,
computers. We are losing they need to select their vendors after due
research and assurance that the data shared
data, money, and ideas
would be as secure as their clients would
through cyber intrusions.
want. Hence, Entigrity can proudly boast of
This threatens innovation the fact that there have been no security
and, as citizens, we are also breaches at our office till date.
increasingly vulnerable to
losing our personal infor-
mation.
www.entigrity.com
Watch Webinar
CYBER SECURITY FOR
ACCOUNTING FIRMS
By MIKE GOOSSEN, CPA