As an SME, you’re probably already relying on third-party software for your company’s bookkeeping. After all, companies like these make your life much easier, right? Exact, NMBRS or Jimdo come to mind when it comes to bookkeeping giants. But what about their expertise in the field of cybersecurity? You’ve probably always told yourself “My data is secure! It’s handled by this renowned and therefore skilled software company”… Well, in this article we invite you to reconsider your suppliers by asking yourself: are they capable enough to keep my data and business safe?
The (not so) hidden risks of online bookkeeping
At Proteon, we want to make a change towards a more (cyber) secure world. With that in mind, we scrutinised the websites and terms of service of small and medium accountancy firms to determine their cybersecurity maturity level. One thing that raised our eyebrows is that information exchange with accountants often relies on sending files via email or other intrinsically unsafe channels. Even though the security mechanisms around email exchange seem to have improved in recent years, there are still many opportunities for hackers to intercept these files. With little effort they could read or even manipulate their contents.
As with email, we also noticed that not all accountants’ websites are secured, which means that data sent back and forth to these websites is unencrypted and can therefore be easily eavesdropped on. One example of where this data exchange happens is the contact form you have on your site asking for names, email addresses and phone numbers.
But… How is my data misused then?
Let’s say an invoice is intercepted through an unsecured email or website. The attacker now has information about you and your customer, because an invoice contains names, phone numbers, email addresses, VAT information and bank information. By reusing this information, an attacker can forge a convincing email or SMS. What would happen if you considered that phoney email to be legit? The difference between a normal day and a complete nightmare depends solely on your ability to discern what’s real and what’s not.
The most common cyberattacks begin with (apparently) harmless emails, links, calls and SMS messages, with weak passwords, and with computers that have weak or non-existent password protection. These messages often revolve around something urgent that requires your attention and your data right away. So next time you receive that SMS from your bank asking you to contact them because of an urgent payment request, or that email about your long lost uncle from Asia who passed away and left you a fortune, think twice before replying, paying or acting in general. Even when you sense only the slightest bit of doubt, call your bank or trusted parties to verify the legitimacy of the claim.
Is it all bad news?
Not quite. The good news is that you, your colleagues and business partners can improve your cyber resilience with the help of us, Proteon. Our vision is to help companies like yours to be and to stay safe in the digital age.
Don't leave your business safety to chance
Our Security Radar is designed with SMEs in mind. All our communications are in plain language, enabling organisations to make informed decisions and raising awareness about their cybersecurity, all while offering an appropriate plan for every budget and requirement.
We do so by assessing your risks, raising your information security maturity level and working on a personalised plan for your company to reach your goals. We offer you automated tools that monitor your applications for vulnerabilities, and we help every member of your organisation to reach a high maturity level in cybersecurity.