No matter how much organizations try to increase their cybersecurity stance, their efforts are virtually all for moot if they ignore one of the weakest (yet most vital) components of all: password security. Even as recently as this year, companies like Twitter and Under Armour found their organizations under attack — with the passwords, emails, and other sensitive data of hundreds of millions of users being compromised and exposed by hackers.
As a trusted Los Angeles managed security service provider (MSSP), FPA’s team of experts have frequently seen this issue over the years with prospective customers: They’d spend thousands of dollars upgrading their cybersecurity defenses and IT infrastructure. But, then they would do nothing to improve their password policy or requirements. A solution we recommend is the use of a virtual password manager.
The use of password management software is rapidly becoming more prevalent for certified public accountant (CPA) firms. A password manager is an encrypted storage mechanism for online password information that you or your employees can use to help keep your firm’s credentials readily usable and secure. Some password managers are included within your computer or device’s operating system, web browser, or other applications. Others are standalone password managers.
But, are password managers safe and reliable to use? The answer, overall, is an emphatic “yes.” While it’s true that no system is 100% “unhackable,” there are steps you can take to protect your account credentials and other sensitive data. This includes the use of multi-factor authentication (MFA) methods like two factor authentication/dual factor authentication (2FA/DFA), password management systems, and strong cybersecurity best practices; all of which can go a long way in helping you keep your passwords secure.
Here are a few of the ways that both your accounting technology and CPA firm overall can benefit from integrating a password manager into your cybersecurity efforts.
1. Employees Can Easily Employ Complicated Passwords
Frequently, using a password manager is safer than using no password management software. Weak passwords are among the greatest dangers to technology for CPAs and their firms (among other organizations). Your password is ineffective and leaves you vulnerable if it contains any of these common mistakes:
- Using all lowercase letters,
- Using the names of any pets or family members,
- Using the word “password” in your password, or
- Not using uppercase letters, numbers, or symbols.
Creating a strong password — which should contain a mix of lowercase and uppercase numbers, symbols and, ideally, no words that are found in the dictionary — is one of your best user account cyber protection methods. Furthermore, a secure password is one that is not recycled or reused among different accounts! This means that each employee should create a separate and distinct password for each of their accounts.
One of the most significant benefits of an effective password management system is that users can create highly complex passwords to increase the security of all of their account credentials without the challenge of having to remember them all. This means that you can create passwords that amount to gibberish — that are filled with upper and lowercase letters, special characters, and numbers — and not be tasked with having to write them down or remember them. Indeed, it’s a win-win for both the user and your CPA firm as a whole.
2. Password Managers for Business Are Easy to Use
Probably the thing that makes using password management software easy is that employees don't have to remember 10 or more distinct account passwords — they just have to remember one “master” password. This single password is what you use to log into the password manager and allows you or your employees to log into the firm’s accounts automatically.
Furthermore, a password manager simplifies the process of using shared accounts because they don't have to remember those individual passwords. It may take a little time to set up, but once they are in place, they are incredibly easy to use. All you have to do for many password managers is point with your mouse, click, and log in (because the password manager fills out login forms automatically for you).
Some password managers include advanced password-management features as well, such as application password management and use of a secure browser for sensitive transactions.
3. Password Managers Are Easy to Integrate Into IT Systems
Using a reliable and secure password management system is a solution that we recommend to all of our clients. However, not all password management software programs are created equally. There are many different types of password management systems available on the market, including both free services or those that can be purchased.
Some of the most popular password managers on the market include:
Some of these types of software can be used across multiple platforms, use web browser extensions, or even enable you to use apps of your mobile devices. All of these options make them easy to integrate with your systems. For example, Apple recently announced that the Password Manager API for IOS 12, which will launch in Fall 2018, will now work with third-party password management software.
4. The Software Increases Security of Technology for CPAs
The more complex the passwords you implement, the more secure your accounts will be. Some password managers are capable of creating and updating complex passwords as well. By integrating a reliable and secure password management system, in addition to using multi-factor authentication methods like 2FA and cybersecurity best practices, you can increase your firm’s ability to protect its accounting technology significantly.
Do you use password management software? If so, which one do you use and why? If your organization does not use a password management system, why not? Please share your thoughts in the comments section below or send me an email to chat about it more in depth.
To learn more about cybersecurity protections and other resources for CPA professionals and firms, be sure to check out our CPA Resource Center by clicking on the link below.