From XU Magazine, 
Issue 34

Data Privacy Day: Modern accountancies reap the rewards of responsible data practice

As modern practices move towards cloud accounting, accountants are reaping the rewards of being able to access, process and analyse data faster.
This article originated from the Xero blog. The XU Hub is an independent news and media platform - for Xero users, by Xero users. Any content, imagery and associated links below are directly from Xero and not produced by the XU Hub.
You can find the original post here:

Big data can lead to transformative insights that can generate new business lines and help clients prosper in innovative ways. However, with larger data sets comes increased responsibility.

Responsible data processes and procedures are paramount for maintaining the trust and confidence of clients. On 28 January, businesses worldwide marked Data Privacy Day. This day seeks to raise awareness about protecting the privacy of personal and confidential data online.

Across the UK, accountancy practices are joining in this international effort as they work to safeguard data through appropriate technology and best practice. However, those advisors using cloud accounting platforms already have an added advantage. Today’s cloud accounting suites are more secure than ever before. Moreover, they also feature extensive functionality to promote the safe handling of data. From the secure transfer of data and messages to multi-factor authentication, cloud-based practices have the cutting edge.

At Wolters Kluwer Tax & Accounting UK, our growing digital portfolio is rooted in our commitment to being digital-first. In this article, we’ll explore how practices are doing more with data – more securely than ever before.

Busting the myths of data security in the cloud

For many years, there was a commonly held belief amongst practices that holding clients’ data in the cloud was a security risk. Many practices therefore avoided cloud adoption or full cloud services implementation, because of concerns about storing data on remote servers.

It is high time this cloud security myth was debunked, and gradually this is becoming the case. When the Cloud Industry Forum (CIF) surveyed 250 UK-based businesses in its annual Cloud: Driving Business Transformation study last year, it revealed that cloud security mindset had changed. The study identified that security now falls behind budget and legacy integration issues, in terms of companies’ top concerns surrounding cloud adoption. 61% of companies in the study said they now feel more secure using the cloud.

This evident change in how businesses think about data security in the cloud isn’t unsubstantiated. Hosting private data in the cloud is more secure than using an on-premises data centre. As McKinsey notes, all major Cloud Service Providers have made significant investments in their underlying security capabilities. Their business models depend entirely on best-in-class security. As such, they have invested billions in cloud security cybersecurity experts, tools and methods.

Modern practices using cloud-based accounting platforms also have an added advantage. Both vendors and Cloud Service Providers are dedicated to rolling out the latest security measures and updates. This involves keeping on top of different controls, procedures and technology to protect the personal data stored with their platforms.


The data security benefits of cloud-based accounting platforms

When looking at best practices in data security, it’s useful to reflect on how far practices have come. Before digital transformation, practices dealt mainly with paper. They often posted sensitive documents to clients, and physically stored these documents on company premises. The data security implications here are obvious.

Many practices thus became more digitised, but moving to the electronic management of documents and communication is not the holy grail of data security. Email impersonation scams are not uncommon. As the government’s National Cyber Security Centre (NCSC) reveals, phishing and messages from cybercriminals – often impersonating brands or government agencies – are on the rise.

In fact, the NCSC’s Suspicious Email Reporting Service (SERS) received 6.4 million reports during 2022. 67,300 scam URLs were removed as a result. This brings the total number of reports to SERS since 2020 to 15.8m, with 198,500 take-downs.

Education can help people to identify and spot the common tricks that cybercriminals use. Nevertheless, the merits of using secure documentation management and messaging within cloud-based accounting platforms should not be underestimated. When both accountants and their clients are logging into a secure online messaging portal, it means that data becomes centralised and more secure. These platforms also automatically track documentation versions and retain an audit trail of communication. This means you can track how data has been accessed and updated.

Protecting client data with secure multi-factor authentication

One of the most extolled merits of the cloud is that it removes geographic limitations. Accountants can balance workloads between offices with digital documents that can be accessed anywhere, at any time.

However, it’s precisely this ease of access that makes many practices nervous. In truth, not everyone across a practice needs access to all data. Cloud-based accounting platforms handle this expertly with the use of permissions. Permissions can be mapped to each user, giving them access to specific business units and security groups. It means that advisors may only have access to their own client accounts. Senior administrators within practices can control who has access to what.

However, practices must look beyond setting permissions, and take steps to guard against external threats. It’s an increasing concern. The Verizon 2022 Data Breach Investigations Report revealed that an alarming percentage of attacks in 2022 were caused by threat actors using stolen credentials. A very simple tool, yet very effective.

This is why most cloud accounting platforms are using multi-factor authentication to help safeguard data. Also often referred to as two-factor verification, multi-factor authentication helps to combat stolen passwords. It requires a second factor (such as a code generated on a mobile phone), in addition to the password, as part of the login and authentication process. This requirement adds another layer of protection against hacking and attempts to steal credentials. If a cybercriminal obtains a password, they’ll still need physical control of that mobile phone to gain access to the cloud accounting platform.

Empowering clients with data

Data Privacy Day isn’t the only good time to reflect on how data is empowering businesses, and how important good data practice is to building client trust. At Wolters Kluwer, we look forward to further opportunities to create value for our customers with data. Solutions such as our CCH OneClick product help accountants to transfer client data securely, with the added security of multi-factor authentication access. Our aim is to transform customer interactions across the entire journey into a seamless, customer-focused, end-to-end digital experience.

1. Cloud Industry Forum, ‘CLOUD: DRIVING BUSINESS TRANSFORMATION’, 2022

2. McKinsey, ‘Debunking seven common myths about cloud’, 2020

3. National Cyber Security Centre, https://www.ncsc.gov.uk/

4. National Cyber Security Centre: ‘NCSC reveals top government email impersonation scams taken down in 2022’, 2022

5. Verizon: ‘2022 Data Breach Investigations Report’, 2022

Why leave it there?

To find out more about how Wolters Kluwer can support your move to digitalisation

Straight to your inbox

Subscribe to our newsletter for updates as they happen
We hate spam too. We NEVER sell our mailing list.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.