8th September 2020
You might assume that the default approach for a bookkeeper or accountant in relation to technology is ‘cautious’ – after all we have to work with HMRC and Companies House, both of whom have historically been rather slow to adopt digital strategies.
But being cautious and being proactively safe where IT is concerned are very different things. A cautious approach would probably involve us not adopting new technologies, regardless of the efficiencies they deliver for us and our clients. However, those of you that know me, will know that I actively embrace the use of technology and in the last few years have made every effort to implement software and processes that make life easier for my clients and enable me to deliver my work in a faster and more efficient manner.
But at the end of the day the accountant in me still rushes to the surface from time to time and I am still an inherently cautious individual – after all, no one wants a gambler looking after their personal and commercial affairs do they…?
So, when I set out on a journey to adapt my business and make as many of my processes digital, using cloud based systems and utilising apps, I wanted to do so in a safe way, avoiding unnecessary risk.
Like in all other aspects of my business, the cautious me sought out a professional adviser to help me manage the process, ensuring that security sat at the heart of my strategy. I began working with the team at LMS Group who already looked after my IT and telecoms, asking them about the best route to take. They advised me that some time ago, The National Cyber Security Centre came up with a simple list of five technical controls that are designed to protect businesses – now called Cyber Essentials. Putting these controls in place and then going on to gain the Cyber Essentials accreditation would not only ensure security for my business, but would also demonstrate a commitment to my staff, suppliers and customers, and most importantly any data that I may hold on them.
Cyber Essentials works on a handful of basic principles around network security, software and hardware and ongoing maintenance and updates. However, whilst these principles are relatively obvious and straightforward, the research I carried out made clear that they are often overlooked by most businesses – leaving them vulnerable to attack or cyber-crime.
We embarked on a top to bottom review of my network, devices, applications and data; identifying areas of risk, creating the controls required to manage that risk and then developing an ongoing management plan to ensure continued compliance. Having completed the accreditation process, I can now claim to be Cyber Essentials accredited.
Whilst I would hope that my Cyber Essentials accreditation could be a significant factor for a prospective client choosing me over a competitor, business development was not my driver. For me, it forms part of my continued commitment to quality, to doing things correctly and ultimately for my own peace of mind, as I know that I manage something incredibly important to each and every client. No, not their money, their data….