Suppose your firm uses the internet or any cloud functionality in your practice’s daily operations or you run a virtual accounting firm. In that case, you need to be thinking about how to prevent potential cybersecurity attacks that could penetrate your systems and harvest your client’s data. This is especially true given that a single attack on a big accounting firm could reveal and jeopardize several businesses by exposing their information.

Cybersecurity breaches are estimated to cost businesses around the world a staggering $1.5 trillion annually. Phishing emails, lack of training, and weak passwords are some of the top causes of attacks, according to Datto’s Global State of the Channel Ransomware Report 2020. In 2020, the most common password is still “123456” – a repeat entry from 2019 (you can actually check the Top 200 most common passwords of the year 2020 here).

For this reason, it’s crucial to choose an accounting practice management software that comes with built-in security controls. It is more important that ever to take proper steps to protect your firm and your clients data as more and more companies adopt cloud technologies to operate outside the office. Malicious entities know that more prominent companies are more likely to invest in cybersecurity, which makes smaller firms the more obvious prey.

What kind of cyberattack should accounting firms watch out for? 

The most common form of cyberattack is “phishing,” which is the act of posting as an innocent or trusted entity to get someone to do a chosen action. An attacker trying to infiltrate your firm might pose as a client or a manager asking for sensitive information via email.

One common tactic is to send a link for the recipient to click on, unknowingly activating spyware or ransomware on your servers. Another typical way these types of malicious activities can occur is called keystroke logging, which a malicious program records the characters you type on your keyboard, such as passwords.

Once these players gets inside your system, it will be easy for them to access confidential information that could be used to compromise your clients and, by extension, your firm.

What can practice leaders do to bolster cybersecurity for accounting firms? 

The first thing to do is to invest in technology. Look for specialized accounting practice management software that come with built-in security controls, such as multi-factor authentication and data encryption.

Most of these types of schemes aren’t trying to get through several levels of encryption and firewalls. Instead, they’re most likely to follow the path of least resistance, which in this case are the very people working in your accounting firm.

This means that once you’ve set up basic security features, like multi-factor authentication and privacy controls, the next thing you need to work on is educating your employees about the proper use of your data. It’s worthwhile to conduct cybersecurity workshops and teach employees how to avoid falling prey to phishing attacks.

Remember that uninformed employees are the biggest cracks in any security system. Even the most stringent multi-factor authentication will not stop attackers if your employees cannot distinguish between a legitimate inquiry and a phishing attack. While multi-factor authentication does render keyloggers obsolete by requiring one-time pins for every transaction, an uninformed employee can still be duped into approving giving up their access controls!


Accounting firms are always in the crosshairs of attackers because they hold valuable client information. This privileged information can reveal a lot of confidential information potentially used by attackers to extort a ransom. Taking the time to analyze processes and technologies working to promote cybersecurity for accounting firms is a worthwhile practice.

This is especially true for firms that handle many prominent clients; all it takes is to infiltrate one firm, and a lot of business can be compromised. For this reason, accounting firms need to invest in practice management software for accountants that incorporate security controls, or else risk falling behind the curve for cybersecurity for accounting firms.

Financial Cents is an accounting practice management software designed to help growing accounting firms scale up and boost profitability. There’s no reason to keep using obsolete spreadsheets and legacy systems. Sign up for your 14-day free trial today to experience a revolutionary way to do business!