6 Tips for Improving Network Security for LA CPAs

Author: Henry Ngo Date: Jan 13, 2018 Topics: _CPA and Accountant Blogs

Protecting sensitive financial data and tight network security often go hand-in-hand for any Los Angeles certified public accountant (CPA). Establishing a strong corporate computer network defense involves an arsenal of network security tools that include:

  • Intrusion prevention systems,
  • Network antivirus protection,
  • Next generation firewalls,
  • Wireless intrusion prevention systems and wireless encryption,
  • Network access control, and
  • Vulnerability management services.

According to the 2017 U.S. State of Cyber Crime survey, an annual partnership survey between CSO, U.S. Secret Service, CERT Division of Software Engineering Institute at Carnegie Mellon University, and Forcepoint, 39% of the executives at businesses, law enforcement and other government agencies report that the frequency of cybersecurity events has increased over the past year.

Cybersecurity events are costly for many organizations, with the average loss during one such event costing organizations $381,000. This is an increase of nearly 50% over the $255,000 average event cost in 2015. “For enterprises, the average financial hit climbs for a single cybersecurity event to $884,000, up from $471,000 in 2015.”

This is where a strong security network and established cyber protection measures can help many organizations. Implementing these technologies may seem like a lot of work, potentially very expensive, and many layers of security. However, compared to the cost and damage of a network security breach, the cost and effort of hardening your network perimeter is a bargain.

Let’s break down the aforementioned six types of network security by the roles they play in protecting your LA CPA firm’s data.

1: Intrusion Prevention Systems (IPS)

Just like guards on the edge of a fortress, an IPS monitors inbound packets of data. Based on reputation data and programmatic detection of known threats, this system can determine whether data should be allowed to enter your network.

The leading IPS appliances receive continuous updates to counter zero-day and known cyber threats to your network, closing the door to bots, malware, and other dangerous code which can infect your network.

2: Network Antivirus Protection

Installing and managing network virus protection applications on all of your network endpoints can be a daunting task for large accounting firms. However, installing a network-based antivirus system, as well as device encryption and protection, is an especially wise move for firms with employees who often work outside the network.

3: Next Generation Firewalls

Traditional stateful inspection firewalls did a decent job of safeguarding networks for their time. But because of emerging threats from the use of apps such as peer-to-peer (P2P) file sharing systems, as well as the increasingly aggressive malware and worm viruses that increased internal threats to network security, firewall vendors had to raise their game, creating next gen firewalls.

Next generation firewalls and unified threat management (UTM) systems combine elements of IPS, network encryption, application governance, and web content filtering to control the websites which your employees access on corporate devices.

4: Wireless Intrusion Prevention Systems and Wireless Encryption

If your users access internal or external Wi-Fi systems, make sure you have wireless virtual private network (WVPN)-encrypted access. Make sure to install Wi-Fi hotspots in your office, which can detect rogue access and/or attempts to breach your wireless defenses. Wireless security standards have evolved a great deal over the years, but new threats continue to emerge.

5: Network Access Control

Network access control (NAC) protects your resources by ensuring that only your employees, not contract employees working onsite, can access your sensitive information.

6: Vulnerability Management Services

Regularly-scheduled vulnerability management scanning services can help to identify gaps in your network perimeter to let you know when you need to do remediation. Security assessments with vulnerability scanning at its core by an experienced security specialist can mean the difference between a profitable, productive year and dealing with a lot of chaos.

Have you implemented any additional network security safeguards that we’ve forgotten to mention? Share them with us in the comments section below. 12 Ways for CPA Firms in LA Use Technology ebook 


Henry Ngo

Henry Ngo

In addition to his day to day NOC duties, as one of FPA's bloggers, Henry develops value based blog content sharing his technical expertise with our clients and friends. Henry addresses topical issues in real and meaningful ways communicating technical concepts in an easily digestible way.