Other issues in this category (69)
Ten security commandments for company accountants
It is vital for any business to protect its finances from theft. This includes protecting it from criminals who use malware to attempt to steal money. Ironically, this seemingly difficult task can be accomplished using simple and readily available tools.
Of course, the PCs used by a company accountant should first be protected by comprehensive Internet Security anti-virus solutions. But, in addition to that, accountants should be taught PC security basics.
So, here are our recommendations to all accountants and to all those who use computers to perform finance-related tasks.
- A computer involved in carrying out transactions must only be used for this sole purpose—no other tasks should be performed on it.
- If an employee sends and receives emails on a computer of this kind, an anti-spam should be installed on it too. Under no circumstances should the accountant's email address be used to register on any website.
- The Office Control should use a white list of sites to which access is allowed. Sites that aren't on the list should be inaccessible.
- Under no circumstances should users be allowed to install and launch new programs on the computer.
- Emails that are not addressed to anyone in particular and concern taxes, fines, giveaways, training, health, holidays, etc. must be deleted instantly. All these topics are usually used in fraudulent emails that specifically target accountants.
- The same applies to emails that are seemingly from banks or other respected organisations (and their affiliates) and request confidential information (passwords, names, social security numbers, etc.).
- If you have reservations and believe that an email may have been sent by a legitimate company, first you need to verify that—contact the organisation using information found on its official site (not in the email message) and make sure that its employee really sent the message. Addresses and phone numbers of partner companies should also be at hand to make sure that only this information is used to get in touch with them.
- If a suspicious message arrives in a mailbox, do not open the message; you need to notify the system administrator—they should be made aware that the accountant's PC came under attack.
- Do not open links from dubious messages and never copy them into your browser's address bar. If necessary, enter the address manually.
- 10 View transaction logs regularly and pay attention to any suspicious expenses.
- If you are an accountant, take the above requirements seriously. These aren't just tips—we haven’t called them commandments by accident.
- Whether you are a senior officer in your organisation or a rank-and-file employee, make sure that this issue of the Anti-virus Times gets read by your accountant and system administrator.