Construction accounting software: security 101
However, the move to a complex software package from a spreadsheet is a significant change, and it’s entirely natural to have a number of concerns about the upgrade. One of the main worries you might have is the security of your new system. Cyber security is a very different beast to physical data security, and as you move your processes from paper to pixels, you mustn’t overlook your changing security needs.
What threats are you facing?
You may have heard horror stories where websites and companies faced huge fines after hackers stole personal information from businesses that customers had entrusted with their details, but the main, most manageable threats come from elsewhere. Most data breaches originate from employees – some act maliciously, but many are the result of simple errors such as sending data to the wrong email address. Malware attacks, where hidden software and viruses collect data from PCs, are another major threat to small businesses.
There are two different approaches to reducing these threats – hardware and software changes that need to be implemented by senior management, and secondly, increasing cyber security awareness of all software users.
Hardware and software solutions
A new software upgrade provides the perfect opportunity to review your cyber security policies and procedures. Consider the following:
- Storing hardware. Ensure all valuable hardware is out of sight of the windows when the office is closed. If you predominantly use laptops, this is particularly easy. Remember that most thefts are opportunistic – don’t make your office a target by leaving new PCs or tablets in plain sight of the public.
- Auto-locking. When you set up new PCs, personalise the display settings by making the login screen reappear when the computer is idle for more than a set amount of time (right click on Desktop -> Personalise -> Screensaver). This will prevent other employees from accessing restricted files when the computer’s user leaves the PC for a while.
- Security software. Ensure that every PC in your network has security software installed. You can pay for anti-virus and anti-malware software, but free solutions such as Avast or Avira will usually perform just as effectively. Set this software to automatically update in real time.
- Update all software regularly. Most software programs are updated frequently in response to security flaws. Missing or cancelling software updates means that your data will be at needless risk. Ensure your operating system, mail software, accounting system and any other software using client and staff data is always updated.
- Set user access levels. Using your accounting software, set up a robust user access system that prevents low level or new users from viewing sensitive documents or particular client data.
User training and awareness
In a diverse workforce, levels of computer literacy amongst staff will be decidedly mixed. It’s therefore vital that you provide cyber security training to all software users to ensure that everyone is aware of the forms data breaches can take. Ensure you explain the following points:
- Users should download from trusted sources only.
- How to choose a strong password.
- How to identify phishing emails.
- Software updates should never be cancelled or delayed.
- Company data shouldn’t be transferred to private devices or personal cloud storage accounts.
Implementing these basic cyber security measures will significantly reduce the chance of your data being obtained by another party, allowing you to use your new accounting software with confidence.
Still unsure if now’s the right time to upgrade? See if your business is showing any signs of outgrowing its current accounting system…