It is inevitable that you or your employees will want to, and possibly even need to access sensitive client data on a tablet or smartphone.
Making judgement calls on “the five W’s” of client data access, based on the mobile device security best practices outlined below, will give you the best opportunity to safeguard your client data and protect your Los Angeles accounting firm’s reputation.
Who Should Be Able to Access Client Data with a Mobile Device?
If you are a CPA assigned to a client’s file, and often have offsite meetings with a particular client, you may have justification to access a client’s information on a tablet or smartphone.
Ideally you will be with the client when you access their information, and you will have more than a passing reason to source their financials. You might be accessing their expenses or ledger data in their office, possibly logged in with credentials to their Wireless Local Area Network (WLAN).
What Data Should You Access on a Tablet or Smartphone?
From a security standpoint, a dedicated software application, protected by a form of encryption with a UserID and Password, for a commercial off the shelf product is the most secure way to access documents, client records, or financial data.
If you are accessing information using a mobile browser, your ideal situation is to be authenticated onto a WLAN, or have a Wireless Virtual Private Network application in place to provide an added level of security. Limiting any data to a need to know, urgent basis is your safest way forward.
When Should CPAs Wirelessly Access Client Files?
As mentioned above, if client data needs to be accessed on your smartphone, it should be to help them meet a critical deadline, avoid litigation, or other time-sensitive reason. If there is no real compelling event which necessitates logging in and sourcing client info needlessly outside of your secure network, simply don’t do it.
Where Should You Access Customer Data without a Wired Connection
If you are killing time in line at Starbucks, at the airport on the way to a conference or family vacation, or waiting for an appointment with your dentist, these scenarios are definitely not suitable excuses for accessing client data on your smartphone. Wait until you are safe within the confines of your office or home office secure Wi-Fi environment.
Why Would an Accounting Professional Access Financial Data on Public Wi-Fi?
We’ll use these points to clarify the Why as a bonus. If you don’t have to access data wirelessly, it’s a safe bet you shouldn’t. Each time you tap into your client data outside a trusted network, you are putting your client and your firm at risk. Should a rogue wireless surfer use a key logger or other surveillance strategy to watch the data you are browsing online, you are taking unnecessary risks with their information.
Ensure every wireless endpoint outfitted to gain access to your accounting applications is “kitted” with a standardized security arsenal of encryption, anti-virus, anti-malware, and other safeguards should a device get stolen.
Mobile device security best practices, for the most part entails limiting access to client information for those who need to access the information, where they need to access the information, and within critical time parameters. There are too many opportunities to situate yourself in a secure environment to access client data to merit risking data loss, stolen devices, or hackers in unexpected locations.
Have we missed any mobile device security best practices that your accounting firms uses? Please share your thoughts in the Comments section below.
And to follow-through on the tips introduced in this short article, be sure to download your free guide, 12 Ways for CPA Firms in LA to Utilize Technology More Efficiently.