Accelerate Technologies have been working with a growing accountancy practice to identify and plug potential cyber security flaws.
The practice, with four branches and around 100 employees, has grown through acquisitions over the last few years, which has expanded the firm’s capabilities but also introduced the challenge of incorporating and consolidating processes and IT infrastructure across the organisation.
The working from home initiative during the COVID-19 pandemic prompted an urgent need to provide employees with access to business critical applications outside of the office to ensure that the business could continue to operate and billing time was not lost.
The use of older, financial industry specific applications that are accessed via remote desktop presented the IT team with additional security challenges, unlike cloud-delivered applications, which are designed with security and remote access in mind.
The company called on Accelerate Technologies to carry out a Cyber Security Assessment. Through a workshop with the IT team, the businessâ appetite for cyber risk and the current state of their security was assessed. Key issues highlighted as a result included:
- AÂ remote desktop server hosting a business critical accountancy package for remote access was found to be exposed to internet and lacking 2 factor authentication – presenting a serious risk of breach.
- Various settings in Office 365 required review and tighteming of controls to increase sensitivity of detection of malware and phishing attacks.
- There was a requirement for a Cyber Awareness Programme and a Phishing Simulation and Awareness programme, tailored to suit both employees and board level executives.
- Sensitive and critical information was held in disparate file sharing locations, and the IT Team required support in discovering and reporting such data in order to meet GDPR obligations.
Accelerate Technologies were able to provide advice and support to the IT team, as well as introduce suitable technology within the practice’s budget in order to resolve the identified issues. The two firms have also embarked upon an ongoing journey to implement a Cyber Security Awareness programme, which has improved security practices across all functions and incentivised their employees to take a pro-active approach to safeguard the business.
The company now also benefits from internal skills that not only improve security for their own business, but also improves security measures for clients accessing online payroll and accounting systems.
The full case study is available to read on the Accelerate Technologies website here.