Security

There is no doubt that accounting practices all around Australia, are being targeted for fraud and identity theft by hackers around the world.

On the 22nd of February 2017, the Privacy Act Changes came into effect. This means that the risk in sending an open text email (with no encryption) across the internet, with an ATO document attached, even if the TFN has been removed, is not worth taking.

We suggest you review your client delivery methods urgently, and make sure your practice is delivering every document securely and encrypted.

Book a free client delivery review web meeting, and we can share with you, how other practices are bulletproofing their client delivery.

Here are some tips we recommend around practice security:

1. Don’t deliver any documents or confidential information via email unless you have 2FA security on your email.

2. Review your exposure immediately.

3. Create a proper plan to replace email with secure 2FA email. (Never attach ATO documents to an email)

4. Make sure you have a mixture of technology for secure client delivery, so you can match the right technology for each client.

5. Don’t put all your eggs into a Portal-only option basket for all clients. Our research shows you can lose these clients.

6. Think about how you will market the changes to your clients. How is it going to make their life easier?

7. Given the penetration of smartphones, build this into your strategy.

8. Make sure you have insurance and an action plan ready to go, should you experience a data breach or fraud-related activity.

Some helpful links

Verify and report a scam:

https://www.ato.gov.au/general/online-services/identity-security/verify-or-report-a-scam/

Overview of the Privacy Law in Australia:

https://hallandwilcox.com.au/overview-of-privacy-law-in-australia/

Here’s why your email is insecure and likely to stay that way:

https://www.digitaltrends.com/computing/can-email-ever-be-secure/

ATO SmartDocs has ISO 27001 security standard compliance.