Content - DK

3 Steps to Protect Your Professional Services Firm Reputation with Information Security

Issue link:

Contents of this Issue


Page 6 of 7

MANAGE DATA 3 Steps to Protect Your Accounting Firm's Reputation with Information Security Flexibility The accounting industry is undergoing massive disruptions. Shifting customer demands, changing workforce expectations, increased competition, and regulatory demands have all contributed to the immense transformations taking place in the industry. One lesson learned from these disruptions is that flexibility is key. As market and regulatory forces change, it's important that organizations have an adaptable infrastructure. This sort of flexibility can future-proof organizations so that they don't have to constantly reinvent the wheel. Infrastructure flexibility also has a role in security. Accounting firms must change and adapt all the time in order to stay competitive. In the event of new regulations, personnel changes or other shifts, an agile information management system can automatically adjust permissions and information access. In a rigid IT environment, software may be limited and less flexible to new structures and processes, leaving critical information vulnerable to mismanagement. To keep up with the rapid developments in the industry, accounting firms must examine and reconsider infrastructure flexibility. Control Organizations may not experience data-siege attacks daily, but workers are certainly creating, sharing, processing, storing, and managing documents on a daily basis and that information is vulnerable to careless mismanagement. In the 2017 M-Files and AIIM survey, 37% of organizations reported unauthorized access to systems by internal staff and 47% have suffered an unauthorized disclosure of confidential information. Being able to control how workers access and utilize information is important to ensuring it's security. Software solutions can certainly help with this effort by automating how individual workers interact with information and data. In proceeding, it's important to evaluate the following: • Document origination. How documents are created. • Document and record keeping. How documents are stored, archived, retained, or disposed of. • Document processing. How documents are managed throughout their lifecycle. How they flow from one person to the next. • Document access. Who can access what and when. How permissions and document access is managed. How documents are shared. • Document traceability. What sort of visibility does the organization have into how documents are managed — like who has accessed what and when, what have they done with the information. With the right controls and systems in place, information security is engrained in how staff works and there's way less room for human error.

Articles in this issue

view archives of Content - DK - 3 Steps to Protect Your Professional Services Firm Reputation with Information Security