4 Free or Inexpensive Ways to Protect Yourself Against a Cyberattack

4 Free or Inexpensive Ways to Protect Yourself Against a Cyberattack

Published: October 19, 2023
Share: Facebook LinkedIn Twitter

Do you currently have a well-defined, well-thought-out cybersecurity plan in place at your accounting firm?

A decade or so ago, protecting yourself against a cyberattack wasn’t a requirement for a healthy, well-functioning accounting and finance practice. Today, however, in the words of SmartVault CISO and former cybersecurity law enforcement officer Luke Kiely, having a cybersecurity plan is "an absolute must." Cyberthreats are everywhere, and if you don’t have a way to protect yourself, it’s not if you’ll be targeted, but when.

In a recent webinar, Luke explained how one major concern among accounting firms regarding cybersecurity is the cost of implementing safety measures. Developing a robust plan must require significant time and financial investments, right? While cybersecurity does cost money, and the highest-quality tools and expert services are expensive, there are actually many free or low-cost ways to protect yourself against a cyberattack, he says.

And their lack of a hefty price tag doesn’t make them ineffective, either. "Following basic principles will save you time and money and greatly reduce your chances of becoming a victim of a cyberattack," Luke notes.

Below, we’ll go over some of the best, most effective low- and no-cost tools at your disposal to safeguard your firm and your data.

1. Online resources, tools, and institutes (free)

Don’t have a cybersecurity plan, or feel like your current one leaves a lot to be desired? "You don’t have to build a plan from scratch!" says Luke. There are tons of resources online to help you, like the sample template the IRS provides for the WISP, or Written Information Security Plan. He also recommends visiting the website of the National Institute of Standards and Technology, which offers lots of free information on cybersecurity. Then there are the online training courses and other information offered by your security service providers and by software vendors themselves. SmartVault, for instance, has a free online training academy for customers that will help you understand how to use their tools and how to protect yourself.

2. Backing up your data (low cost)

Luke and other cybersecurity experts can’t stress this enough: To be safe, you must back up your data. All accounting firms—regardless of size—should be doing this regularly. Taking this simple step, which can often even be done automatically, if you select the right software, provides a tremendous amount of protection not only from theft but also from floods and other disasters that could result in data loss and a huge setback for you. "Backups can also protect you from having to go through the blackmail scenario," Luke notes, "since you’ll have access to all or most of your data and won’t be blocked from obtaining it by would-be thieves on your backup device."

Backing up your data doesn’t require a huge time investment, either. It’s likely your essential data is already stored in just a few common folders. Keep your backup separate from your work computer: You can use a USB, a different laptop, or even the cloud. "Cloud solutions are incredibly cost-effective, and they’re a great way to keep yourself safe," he says.

This isn’t just because most accountants are already using cloud storage: The cloud also means you don’t have to invest in expensive hardware up-front. Many providers offer additional storage space for a small fee. Whichever you choose, "Restrict backups so they’re not permanently connected to your network and so not all staff can access them—just a few VIPs," Luke suggests. And remember: Ransomware and malware can move between devices to anything that’s automatically attached, so for more resilience, consider storing backups in a different location completely.

3. Firewalls and antivirus/antimalware software (free)

Many software providers and operating systems now include antivirus and antimalware software in their products for free. Check your devices—phone, tablet, and laptop—to see if you have virus protection software included. If you do, click "enable." This is an easy and free way to instantly make yourself safer.

He also encourages accountants to turn on their firewall. "A firewall creates a buffer zone between you and your own network and an external network, like the internet. Most popular operating systems now include a firewall; you may just have to switch it on on your device," he says.

4. Make sure remote employees are following cybersecurity best practices at home (free)

It’s now far more common than it used to be for employees—including you!—to work from home. While remote work offers many advantages, "remote workers might not follow security practices at home as rigorously as they do when they’re in the office," Luke cautions. One reality of remote work is that it’s "effectively expanded the cyberattack surface, because employees are now using devices and networks that are less secure than corporate ones," he says. It pays (literally), then, to keep an eye on both your own cybersecurity habits and those of your workers when you and they are working from a location other than the office. He recommends enforcing strong passwords by having a policy that guides everyone at the firm on creating a robust password. "Having strong passwords is a basic security practice, but it’s still an effective one," he says. Where possible, make sure everyone is using two-factor authentication (2FA). And, for certain important functions, it might be best to enforce a policy that requires people to come into the office if they want to access specific data.

Continue Learning Cybersecurity Best Practices

Cyberthieves are constantly evolving, as are their methods for attacking firms. It’s the very dynamic nature of this threat that frequently leads accounting firms and firm leaders to put cybersecurity on the back burner rather than just dealing with it.

In our Cybersecurity Webinar series, Luke Kiely, as well as accounting professionals, share practical strategies to secure your firm’s data and comply with regulations. You’ll hear stories from the trenches, learn about the different types of cyberattacks, and see how to develop a straightforward plan to safeguard your firm, prepare for the worst, and communicate with your clients. Access the webinar series here.

To learn about using SmartVault to proactively protect your data, schedule a demo.