K2E Canada Inc
  • Home
  • TRAINING
    • WEBINARS
    • ROAD TO EXCELLENCE ONLINE SEMINAR
    • SEMINARS
    • TECHNOLOGY CONFERENCE
    • INSTRUCTORS
  • NEWSLETTER
    • Signup
  • ABOUT
  • CONTACT
  • BLOG
  • COPY ROAD TO EXCELLENCE ONLINE SEMINAR
  • Home
  • TRAINING
    • WEBINARS
    • ROAD TO EXCELLENCE ONLINE SEMINAR
    • SEMINARS
    • TECHNOLOGY CONFERENCE
    • INSTRUCTORS
  • NEWSLETTER
    • Signup
  • ABOUT
  • CONTACT
  • BLOG
  • COPY ROAD TO EXCELLENCE ONLINE SEMINAR

Five Effective Cybersecurity Solutions for Finance and Accounting Professionals

12/13/2021

 
Finance and Accounting professionals have faced a lot of risks and challenges from day one. However, during this pandemic, the risks and challenges are at a whole new level. Meanwhile, these 5 effective cybersecurity solutions for finance and accounting professionals should help mitigate the risk.

Further, Finance and Accounting professionals need to know what they face and the challenges to the profession and the data protected. Employees working in the profession must be aware of the risks & challenges and how to overcome them. In addition to that, we will suggest a few cybersecurity solutions.

What is Cybersecurity?

Cybersecurity is also known as information technology security or electronic information security. Above all, cybersecurity helps defend web servers and electronic devices like mobile phones, computers, etc., from cyber-attacks.

Businesses use cybersecurity to protect their data and confidential information from unauthorized users. Unfortunately, due to the global pandemic, the cybersecurity crime rate has reached a new level. Therefore, every industry must protect its software and hardware with the best cybersecurity to avoid such incidents.

One way to help with cybersecurity is to use a proxy server. A proxy server acts as a gateway between the user requesting resources and a server providing the resources. For example, a Residential proxy is one type of proxy server with a unique IP address with a physical location. Proxy servers are a great way to mask your actual IP address while surfing the internet.

What are the Challenges and Risks Faced by Finance and Accounting Professionals?

Before you learn about cybersecurity solutions, it is better to know about the risks and challenges faced by Finance and Accounting professionals. Consequently, understanding the risks faced gives one a clear idea of overcoming them with different solutions.

1. Losing the Client's Data

An important responsibility of the Finance and Accounting profession is to protect the privacy of their clients. But unfortunately, there is a huge possibility for the finance and accounting profession to lose this crucial information of their clients quickly. One of the reasons is the poor execution of cybersecurity protections.

If you don’t safeguard financial details, clients could lose their trust in the firm. Therefore, it is a significant task for the firm to protect clients’ information at any cost. Failing to do so could ruin the firm’s reputation.

2. Malware Attacks

With the growing exposure of client data, finance and accounting professionals must prevent their systems and networks from malware attacks. Additionally, as the crime rates keep increasing, businesses need to be mindful of malware attacks as they can easily breach systems and data.

Massive ransomware attacks happen continuously. Therefore, it is best if the profession is cautious and prepared for it.

3. Losing Company's Reputation

Reputation loss is the most important and common risk for the accounting profession. Losing a company’s reputation is like losing everything. In a fast-growing and competing world, businesses need to protect their reputation.

Since exploitation of reputations is easy, people must take calculated steps to avoid such discrepancies.

4. Bad Actors Can Hack Systems

Hackers with little knowledge can hack any computer or mobile device. Hacking is another risk faced by the finance and accounting profession. All employees must have updated systems and check for vulnerabilities often.

Just one tiny mistake could hand over all the confidential data to the hackers. And all it takes is one mistake.

To avoid facing such risks or prevent these risks from happening, one should use the Cybersecurity solutions mentioned below.

Cybersecurity Solutions for Finance and Accounting Professionals

We have identified a few risks and challenges faced by the profession. Consider these possible cybersecurity solutions and approaches.

1. Tighten the Security

As mentioned earlier, hackers are now everywhere. It is the responsibility of the firm to safeguard its privacy and data. So, it would be best if you had a proper firewall or proxy server to help protect your company’s data and its clients.

A firewall or proxy server will be a gateway between your company server and the external servers trying to gain access. It identifies who and who is not permitted access to confidential details.

2. Be Prepared for Malware Attacks

Malware attacks can happen at any moment and repeatedly. So how do you stop such cyber-attacks from happening? First, IT teams must prepare businesses. Internal controls established by accounting professionals with preventive measures are a must.

The firm can also conduct a mock scenario for people to be prepared and appropriately trained. In this way, employees get ready and develop a plan for when the actual situation happens.

3. Employ Passwords and Authentication

There must be a good password and authentication process to log into a server with confidential data. Formerly, the best practice was for clients and employees to change their passwords frequently. Now, a long password is changed when a compromise is suspected. In addition, password managers can automatically generate long passwords. That way, hacking is more complicated.

Team members must employ strong passwords. Better protection comes from two to three-step or multi-factor authentication (MFA). We recommend MFA for the profession’s safety needs. In addition, MFA makes it more difficult for hackers to hack into the system.

4. Keep an Encrypted System Everywhere

Having an encrypted system makes one sure that confidential data is safe and secured. Data should not only be encrypted while emailing or in transit. All data must be encrypted even while the system is not in use and is at rest to comply with breach reporting regulations.

Encrypt every device in the firm. That way, there is a minimum possibility for the data to get out of hand.

5. Have Proper Backups

Finance and Accounting professionals need to have a proper plan to back up operating systems, data, and devices. A comprehensive backup plan keeps data in a safe place. In addition to that, the data is accessible at times of any discrepancies at the firm.

Thus, finance and accounting professionals should have proper and regular backup plans to safeguard their pieces of information.

In Conclusion

We have discussed cybersecurity and its risks. With the solutions mentioned above, you can minimize the risks from happening. These 5 effective cybersecurity solutions for finance and accounting professionals should help mitigate the risks. Make sure that you put them to good use to increase the safety of your business.

Be careful out there!

For more information, consider our article on What Has The Pandemic Taught Us About the Importance of Contingency Planning? Additionally, consider our courses on Backup and Business Continuity/Disaster Recovery Planning.

Randy Johnston

The Colonial Pipeline Ransomware Attack: Lessons Learned

7/5/2021

 
By now, most are familiar with the ransomware attack committed against Colonial Pipeline. While the aftershock of this event will last for years, there are immediate lessons we can – and should – learn from this cybersecurity incident. In this article, we will examine what happened and what Colonial did in response. We will also look at what we can do to reduce the likelihood of becoming another ransomware victim.

Anatomy of the Colonial Ransomware Attack

As reported by multiple news outlets, Colonial Pipeline fell victim to a ransomware attack on May 7, 2021. The hacking group DarkSide claimed responsibility for the attack, which forced Colonial to shut down a major pipeline that carries gasoline, diesel fuel, and jet fuel throughout the Southeast and Atlantic Seaboard portions of the United States. As a result, millions in affected states experienced fuel, food, and other materials shortages. Colonial has not disclosed how the ransomware infiltrated the network. However, DarkSide purportedly stole 100 gigabytes of data from Colonial the day before the attack and allegedly threatened to leak portions of that data unless the Colonial paid the ransom.

Colonial paid $5 million in ransom within several hours of the attack and received the necessary tools from Darkside to begin recovery operations. However, the tools provided ran too slowly to be effective. Therefore, Colonial pivoted to restoring the network using company-made backups. On May 12, Colonial indicated that they had begun restoring pipeline operations, and all pipeline operations were running normally as of May 15.

What is Ransomware?

Ransomware is a form of malware that infects a computer or a network, encrypting the data, rendering it unusable. Generally, the attack’s perpetrators offer to provide a “key” to the victim so they can unencrypt the data and return it to a usable state. However, to receive the key, the victim must pay a ransom. The perpetrators typically require the victim to pay the ransom with cryptocurrency. This requirement exists because of the presumed untraceable nature of cryptocurrency. If the victim pays the ransom and the hackers provide the key in return, the victim can recover their data. Unfortunately, in some cases, the hackers receive the ransom but do not provide the recovery key, leaving the victim without their data and the money paid.

Lessons Learned from the Colonial Incident

We can learn many lessons from the Colonial Pipeline ransomware event, and these lessons extend to individuals and businesses alike. First and perhaps most importantly, we should understand that no individual, company, computer, or network is immune from the threat of ransomware. In fact, ransomware attacks increased 62% from 2019 to 2020, with 304,000,000 attacks reported in 2020, according to Statista. In business environments, ransomware knows no boundaries, impacting businesses of all sizes in virtually all industries. Therefore, if your company has not yet developed a response plan, now is time to do so.

Ransomware Attacks Often Result from Phishing Emails

One of the most common means used by cybercriminals in ransomware attacks is phishing emails. With this attack vector, the criminals send emails containing malicious links or attachments, and if recipients click those links or attachments, they become yet another ransomware victim. Therefore, do not click links or attachments in emails received from persons you do not know or if you were not expecting links or attachments in the message. Better still, enable spam filtering to block inbound emails containing links or attachments.

Ransomware Often Evades Anti-Malware Tools

The nature of ransomware is such that it often evades anti-malware tools. Ever-evolving strains of ransomware frequently morph so that new versions of the malicious software continually appear. Because these versions are fresh and the anti-malware tools have not yet seen them, they do not classify them as dangerous and block them. Therefore, recently-introduced strains of ransomware often go undetected by anti-malware software. To help address this issue, consider enabling “white-listing” software, which only allows pre-authorized applications to run on your computer. In this scenario, unless the ransomware is on a device’s white-list, it cannot execute on that device.

AppLocker and Controlled Folder Access are two forms of white-listing tools, and Microsoft includes both these tools in business-oriented versions of Windows 10. AppLocker is a tool usually administered by IT staffers. With this tool, you can specify all the approved applications authorized to run on a given device. If ransomware gets installed onto the device – by clicking a malicious link, for example – AppLocker should block it from running because the ransomware will not be on the approved software list.

Similarly, Controlled Folder Access blocks unapproved applications from making changes to data files in folders designated explicitly by a user. By doin so, Controlled Folder Access minimizes the risk that ransomware compromises your data. Of course, no method of preventing ransomware is fool-proof. However, using one or both of these techniques may reduce your chances of becoming another victim of a ransomware attack.

Prepare for the Eventuality that You May Become a Victim

Despite our best efforts, it is altogether possible that you or your organization may become a victim of ransomware. If you do, the malware will encrypt your data and hold it hostage until such time you pay the ransom. The best way to recover is by restoring your data from a recent backup. As identified above, this is the strategy Colonial reportedly used to recover their data, even though the company paid the ransom.

Of course, restoring from a backup is only an option if you have a backup strategy that is appropriate and all-encompassing. To that end, ensure that that your backups capture all necessary data files. Further, your backups should have an “air gap.” In this context, an air gap is a backup configuration that ensures companies store their backups offline, disconnected from the network. This step is necessary to ensure that the same ransomware that affects the data does not encrypt the backup media. Without an appropriate air gap, ransomware can compromise a company’s data and its backups.

Summary

Ransomware, unfortunately, remains a real and persistent threat. If you fall victim to ransomware, you have three options: 1) recover your data from a backup, 2) pay the ransom, or 3) lose your data forever. To effectively mitigate ransomware risk, ensure that you do not click on links or attachments in suspicious emails. Further, do not get lulled into a sense of false security that your anti-malware tools will prevent such an attack. Additionally, take advantage of tools such as AppLocker and Controlled Folder Access, both of which can mitigate the risk associated with ransomware. Finally, despite all your best efforts, you should assume you will become yet another victim of ransomware and, given this assumption, ensure that your backup strategy will allow you to recover your data files. It’s your data, and it’s your decision. Choose wisely because the future of your business may hinge on your decision.
Concerned about cybersecurity? Consider one of the cybersecurity learning options available from K2 Enterprises.

Tommy Stephens

Blackbaud Ransomware Attack Reiterates the Need for Strong Cybersecurity Controls

9/7/2020

 
Software publisher Blackbaud recently reported that the firm was a target of a ransomware attack. The attack, which occurred in May, affected numerous universities, alumni organizations, and other organizations that use the company’s administration, fundraising, and financial management software. Although the hack occurred in May, Blackbaud did not report the incident until July. In this article, you will learn more about the attack and what you can do to avoid becoming yet another victim of ransomware.

Statement from Blackbaud

The company posted the following statement on its website.

“In May of 2020, we discovered and stopped a ransomware attack. In a ransomware attack, cybercriminals attempt to disrupt the business by locking companies out of their own data and servers. After discovering the attack, our Cyber Security team—together with independent forensics experts and law enforcement—successfully prevented the cybercriminal from blocking our system access and fully encrypting files; and ultimately expelled them from our system. 

Prior to our locking the cybercriminal out, the cybercriminal removed a copy of a subset of data from our self-hosted environment. The cybercriminal did not access credit card information, bank account information, or social security numbers. Because protecting our customers’ data is our top priority, we paid the cybercriminal’s demand with confirmation that the copy they removed had been destroyed. Based on the nature of the incident, our research, and third party (including law enforcement) investigation, we have no reason to believe that any data went beyond the cybercriminal, was or will be misused; or will be disseminated or otherwise made available publicly. 

This incident did not involve solutions in our public cloud environment (Microsoft Azure, Amazon Web Services), nor did it involve the majority of our self-hosted environment. The subset of customers who were part of this incident have been notified and supplied with additional information and resources. We apologize that this happened and will continue to do our very best to supply help and support as we and our customers jointly navigate this cybercrime incident.”

Blackbaud Paid the Ransom

Of note, Blackbaud disclosed in their statement that the company paid the ransom, although the amount is not available. The company’s payment stands in contrast to recommendations from most governments and cybersecurity organizations.

According to a published report at www.thenonprofittimes.com, Blackbaud paid the ransom using Bitcoin. However, the company did not make the payment until it was able to confirm that the hackers destroyed all data compromised in the attack. Further, the company indicated that the hackers did not compromise data such as credit card numbers, bank account information, and Social Security numbers.

Ransomware Remains a Significant Threat

According to Statista.com, ransomware remains a significant threat. In 2019 alone, 188 million attacks occurred worldwide. Further, SafeAtLast.co reports that the ransomware accounts for 56% of all malware attacks. Additionally, the average cost of a successful attack against a business in $133,000.

Identifying a Ransomware Risk

To minimize the risk of ransomware attacks, first understand the nine primary ways that it enters an organization, as detailed below.

  1. Unsolicited links and attachments in email messages.
  2. Malicious links in social media posts.
  3. Drive-by websites.
  4. Open and unsecured RDP/RDS ports in Windows.
  5. “Collateral damage” resulting from attacks on managed service providers.
  6. Attacks that spread through an organization, known as “lateral attacks.”
  7. Free and pirated software infected with ransomware.
  8. Ransomware installed on USB drives.
  9. Websites that serve “malvertising” dialog boxes.

Five Ways to Minimize Ransomware Risk

Understanding where the risks lie makes crafting a practical approach to combating ransomware a reasonable possibility. For most organizations, that approach should include at least the following five points.

  1. Train team members about the dangers of clicking on links and attachments in email messages and social media messages. Current estimates indicate that approximately 30% of email users click on unsolicited links and files, so repeated efforts in this are necessary.
  2. Educate team members on the risks associated with visiting specific types of sites on the Internet and consider implementing policies that indicate the kinds of websites they should not visit using company-owned assets and internet connections.
  3. Enable Windows Controlled Folder Access feature, a tool designed specifically to block ransomware attacks.
  4. Carefully choose your choice of anti-malware software and ensure that it updates contemporaneously.
  5. Assume your company will become a victim and incorporate recovery strategies into your Business Continuity/Disaster Recovery plans. As part of this strategy, routinely test your backups to ensure that it includes all data and that you can restore this information when the need arises. Additionally, consider creating Restore Points of each team member’s computer to speed the process of recovery in the case of an attack.

Summary

Ransomware remains a genuine threat to businesses of all sizes. It affects large software companies such as Blackbaud to small “mom-and-pop” operations. When ransomware strikes a business, the costs are high. Further, the damage to the victim organization’s reputation lasts for years. Yet, if we understand how ransomware creeps into companies, we can create an effective strategy for reducing our risk of becoming yet another victim.

Tommy Stephens

    Categories

    All
    2022
    Accountant
    Accounting Software
    Accounting Solutions
    Adobe
    Advisory
    AI
    Artificial Intelligence
    Automation
    Backup
    Bitcoin
    Blockchain
    Business Automation
    Business Continuity
    Business Intelligence
    Business Management
    Cloud Computing
    Collaborate
    Collaboration
    Colonial
    Computer
    COVID 19
    COVID-19
    CPA
    CRM
    Cryptocurrency
    Customer Relationship Management
    Cybersecurity
    Cyptocurrencies
    Dext
    Doc.It
    Ecommerce
    Emerging Technologies
    Entrepreneurs
    Excel
    Forecasting
    Forecast Sheet
    Google
    Grammarly
    HR
    Internal Controls
    Internal Priorities
    KPIs
    LET
    Links
    Management Reports
    Microsoft 365
    Microsoft Office 2021
    Microsoft Teams
    Office
    Office 365
    Online Shop
    Outsourcing
    Pandemic
    Paperless
    Personal Computer
    PivotTables
    Power Automate
    Power BI
    PowerPoint
    Productivity
    QuickBooks
    Quickbooks Online
    Ransomware
    Receipt Bank
    Remote Work
    RPA
    Sage 50
    Security
    Small Business
    Small Business Accounting
    Small Business Accounting Software
    Stockhistory
    Technologies
    Technology
    Tech Update
    Windows
    Windows 10
    Windows 11
    Word
    Work At Home
    Workflow
    Work From Home
    Xcm
    Zoho
    Zoho CRM

    Authors


    Ward Blatch
    Ward provides consulting and training services as the Managing Director of K2E Canada Inc. He joined K2E Canada in 2005 and is responsible for the Canadian operations of this international consulting group, which provides professional development technology education for accountants across Canada and the US. Ward lives in rural Nova Scotia and can be reached at ward@k2e.ca.

    Tommy Stephens
    Tommy is one of the shareholders in K2 Enterprises, affiliating with the Firm in 2003 and joining as a shareholder in 2017. At K2, Tommy focuses on creating and delivering content and is responsible for many of the Firm's management and marketing functions. Tommy resides in the metro Atlanta area. You may reach him at tommy@k2e.com.

    Randy Johnson
    Randy is a nationally recognized educator, consultant, and writer with over 40 years experience in Strategic Technology Planning, Accounting Software Selection, Paperless, Systems and Network Integration, Business Continuity and Disaster Recovery Planning, Business Development and Management, Process Engineering and outsourced managed services. Randy can be reached at randy@k2e.com

    Bernie Smith
    Bernie coaches businesses to develop meaningful KPIs and present their management information in the clearest possible way to support good decision making. As the owner of Made to Measure KPIs, he has worked with major organisations including HSBC, Airbus, UBS, Barclays, Credit Suisse, Lloyds and many more.

    RSS Feed

Training & Education

Webinars
Road to Excellence Online Seminar
Seminars
Conferences
Instructors

Tech News

K2E Canada's Tech Update Newsletter

More

Privacy Policy
About
Contact
K2E Canada Inc.  |  484 Scarlett Crescent  |  Burlington, ON L7L 5M2  |  (905) 633-9772
© 2023 K2E Canada Inc. ALL RIGHTS RESERVED.