CPAs & Email: Countless Practices Routinely Endanger Personal Client Info
By w2may | August 22nd, 2011
Most CPA and accounting firms have embraced email as a dependable and secure form of communication. This is unfortunate, since email is actually not very secure. A number of accountants are using email improperly and putting their clients’ confidential information at risk by posting it to emails. Care for your clients. Never assume that email is a secure way to convey sensitive data. An email will pass through a dozen or more servers before reaching its destination. This arrangement makes email vulnerable to interception by what’s called a “man in the middle” attack, and there’s nothing you can do to prevent it. These third-party servers are completely outside of your control and have no accountability even if they are poorly or even incompetently maintained. If even one of these servers has been compromised, your message can be intercepted, so you never know whose hands it can wind up in or who’s hacking into your files.
Don’t get me wrong, email is a very valuable tool for an accounting firm. It’s unrivaled in speed, convenience, and expense. Email is the best possible solution for most of your needs. Financial statements, tax returns, QuickBooks files and the like pose a significant threat to your clients’ welfare, however, if they fall into the wrong hands. Because accounting firms prepare taxes they are considered financial institutions. This actually makes emailing private information a crime. The Gramm-Leach-Bliley Act requires accounting firms to take reasonable steps to protect the consumer information they collect.
It is important to understand the difference between security and privacy if firms are to comply with mandates about client data protection. Privacy is the shield that protects a person’s identity while actively sharing information via the web. Security is about protecting information from uninvited intruders and is comprised of three primary elements, which are authentication, authorization, and audit.
One great solution for exchanging documents is available through most of the best CPA websites. Almost all the major CPA website providers offer secure document portals.
Portals provide a safe alternative for sending documents like tax returns, social security numbers, and financial statements. Unlike email, a portal transfer encrypts the data and transfers it directly from your server to the website’s. This eliminates the possibility of a “man in the middle” attack. It keeps the data out of the public domain and restricted to servers under your direct control.
At this point I should disclose something. I own a company that designs CPA websites and yes… that includes a portal system. That’s how I make my living, but don’t mistake this as a crass sales pitch. All the best CPA websites furnish portal features, not just ours. If your client comes to terms with these risks before you correct your procedures, there’s a very high probability you’ll lose him. Adopt a secure portal and USE it. Stop transmitting your clients’ confidential personal information by email immediately.
Author Biography
Brian O’Connell is the owner and founder of CPA Site Solutions, one of the country’s largest website design companies oriented entirely to top shelf accounting websites. His company currently provides websites for more than 5000 CPA, accounting, bookkeeping, and tax preparation firms.


