Remote Work and Cybersecurity – Key Things for Accountants to Know

It is almost impossible to be in the accounting industry and not know of the major talent shortage facing firms.  

In fact, some reports show the number of people taking the CPA exam fell by almost 50% between 1990 and 2021. With impending retirements, shifts in work culture plus an unwillingness of younger people to take the path towards accounting, the question needs to be asked – how can you attract the talent you need in your firm? 

The answer is more firms are looking towards remote workers (on top of trying to work via industry associations to encourage new accountants into industry). Accountants and bookkeepers are now considering remote workers both in their current country of service as well as in other countries globally.  

But how are you able to reconcile going global (or national) with your team whilst mitigating the inevitable cybersecurity risks that come with this shift?  

Why consider remote workers in the first place? 

In a post-pandemic world, some organizations are pushing for staff to come back into the office, particularly under the guise of productivity and interconnectedness. However, this comes with the risk of being able to retain staff as they are looking for more flexible options when it comes to how they structure their work lives.  

However, the benefits of allowing your team flexibility in where they work have been made clear over the last few years as we’ve done a real global experiment (Thanks COVID…). The benefits include;  

• Decreased commuting time – increasing overall satisfaction at work and decreasing costs for employees in a time of high inflation. 
• Better work/life balance – decreasing potential long-term burnout risks and improving overall satisfaction increasing employee retention.  
• Increased productivity – remote working has been shown overall to improve, not decrease, productivity.  
• Reduced stress – with decreased commuting and increased work/life overall people report less stress with a remote or hybrid schedule.  
• Decreased overhead expenses due to less or no office space and other expenses – increasing overall profitability and increase margins within the business allowing you to invest more in growth or other areas as you want.  
• Increased candidate pool – increasing your potential candidate pool and overcome skills shortages in areas where you currently work, sourcing better talent potentially at more competitive pricing  

Whilst there are clearly a lot of benefits to embracing remote work, there are also some negatives or concerns you should have. These include; 

• Increased cybersecurity risks – without strong processes in place you may open your firm up to data breaches which could cause financial and reputational harm.  
• Decreased communication – if you do not set-up processes to embrace remote workers you may see inter-company communication drop resulting in a poor experience for clients. 
• Limited control – it can be difficult to monitor and direct the work of remote staff particularly as you onboard them, you may want more insight into what they are working on and which clients.  
• Travel costs – you may decide once, or more, a year to get the team together for strategy or special project work. These costs need to be carefully budgeted and planned for.  
• Human connection – it is something many people crave in a role and if you are embracing remote working, it’s important you ensure all staff are connected to the vision of the business and what you are all working towards.  

With remote work, there are many benefits, as well as some negatives, to consider. Ultimately the choice to go remote as a team is something which is highly personal to each accounting and bookkeeping firm – this is a decision you need to make yourself.  

However, we can take the security risks and the control risks away with easy-to-implement cybersecurity solutions designed for the financial workflow.  

Should I really care about cybersecurity risks? 

In short – you don’t have a choice.  

In the US, the government has released the FTC Safeguards Rules which outlines certain government regulations you must follow as both an accountant and bookkeeper – regardless of if you are remote or not.  

In Australia, the Australian Government has recommended the Essential Eight for all organizations including accountants and bookkeepers – this represents the best practice solutions to keep firms secure.  

Globally more and more governments are legislating and mandating certain cybersecurity requirements in sensitive business, like accounting and bookkeeping, due to the increase in cyberattacks and breaches which are occurring.  

How to be cybersecurity conscious before going to remote working  

You may think the government legislation is too onerous and too hard which makes hiring remote not a feasible option in your business – but it doesn’t have to be the case.  

There are tools out there, like Practice Protect, who help automate your legal requirements and ensure your firm and your clients’ data stay protected.  

Before you begin hiring remote team members, make sure you have the following cybersecurity in place: 

1. Strong Access Controls: Most companies use multi-factor authentication (MFA) to secure their apps, but in a remote-first environment we recommend another layer of security such as an identity management tool which locks down access to only certain applications to certain users – it is your added layer of security.  

1. Secure Your Communications: Encrypt all data and give access only to those who really need it – lock down applications and secure your emails so criminals cannot access them even if compromised. Utilizing something like The Access Hub at Practice Protect can automatically do this for you.  

1. Regularly Update and Patch Systems: Cyber threats evolve rapidly; thus, keeping your software and systems updated is crucial utilizing a tool such as our Device Security Technology Add-on will allow Practice Protect to update and patch core systems on your behalf.  

1. Staff Training: Conduct regular training sessions on cybersecurity best practices and keep your team informed about the latest cybercrime tricks and tactics.  Creating a culture of security awareness is vital for keeping up to date and following best practice.  

1. Have access to breach investigation: If the worst does happen, you know your client data is already protected thanks to our identity management tool, but you still want to know how it happened. With a partner that can provide breach management investigations, as experts in space, you can feel easier knowing you are protected.  

Where to from here?  

Going remote doesn’t have to be a scary thought for accountants and bookkeepers, instead it could be a secret key to unlocking growth and growing your firm. Whilst there are more considerations when it comes to remote workers, there are easily put-in-place processes and controls to ensure your firm and your clients’ data stay protected.  

If you are keen to get your firm secure and ready for your remote-work revolution, please make time to chat with our Cybersecurity Consultants.