Estimated reading time: 8 minutes, 19 seconds

Six Steps to Avoid Ransomware Attacks

 When a cyberattack strikes an accounting firm, it impacts the firm’s data and, more importantly, can expose critical client data. Keeping your business data and applications safe and secure from ransomware attacks while increasing your clients’ awareness of malicious software requires collaboration with your internal IT department and managed IT provider. 


Ransomware is a type of malicious software that blocks access to computer systems and then requires an anonymous payment to the hackers for return of the data. A ransomware attack is typically delivered via a phishing email. Cybersecurity Ventures predicts that there will be a ransomware attack on businesses every 14 seconds by the end of 2019 and every 11 seconds by 2021, incurring global ransomware damage costs as high as $20 billion by 2021.

In addition to providing services to clients, a firm’s top priority must be keeping its IT infrastructure and client data safe from any cybersecurity threats, including ransomware. Ransomware isn’t going away anytime soon – if anything, these types of malware will continue to become more dangerous. Here are six things firms can do now to better protect client data:

1. Build and test a disaster recovery plan.                                                                                                                                                                                                                                                        Perform a security audit to test and identify vulnerabilities in your organization’s IT infrastructure. Close the gaps to ensure that your information assets are fully protected. Conduct monthly disaster recovery plan drills to ensure quick response times. 

A disaster recovery plan can help your firm get systems back up and running after a cybersecurity attack. A business continuity plan enables staff to remain productive while cybersecurity issues are being resolved.

2. Use secure methods of document sharing.                                                                                                                                                                                                                                                       How does your firm exchange important financial documents with clients? Do clients send earnings statements and tax documents by regular mail or as email attachments? The insecure nature of mail makes it relatively easy for others to intercept, monitor or tamper with critical information. Instead, use a secure client portal to reduce the risk of data breaches. Accountants and clients can log in on a portal to upload, share and view documents, files and messages in a highly secure, encrypted environment.

3. Implement multiple backup protection.                                                                                                                                                                                                                                                           When ransomware infects an organization’s IT infrastructure, it can restrict access to critical information stored within the computer system. Effective backup of firm data will enable restoration of all files, documents and data right up to the time of a ransomware infection or other breach.

Best practice is to have data stored on multiple servers with multiple backup solutions in place, secured with the latest and most advanced technology, to make sure no one can access or delete stored data. Backups should be on a separate network, completely isolated from your main network and off-site.

4. Increase levels of security.                                                                                                                                                                                                                                                                             Hackers tend to focus on systems that are easy to access. So the more levels of security they encounter, the more likely they will move on to avoid wasting time and effort. By implementing network wide security solutions, such as anti-virus, web filtering, firewalls and password protection, your hardware and employee devices will have the same level of security. 

Additionally, data should never be protected by a single password, no matter how creative or complex that single password may be. With this in mind, you should consider implementing multifactor authentication. It requires two or more forms of authentication in order to access critical data and applications hosted in the cloud. New AI-based technology solutions can analyze and model network behavior, improving threat detection to better protect firm and client data from cyberthreats.

5. Educate staff and clients.                                                                                                                                                                                                                                                                                Anyone who has access to network files and data, has individualized passwords to log in on business applications or uses any type of device to get to the cloud must be trained to identify potential threats. To spearhead education, think about developing and implementing cybersecurity training courses to educate your staff on the different types of ransomware threats as well as teach them easy tips to avoid attacks, such as exercising caution with suspicious emails or losing mobile devices. Send weekly reminders to your staff on security best practices (e.g., don’t click on links or attachments from unknown senders). 

Conduct research using websites like ID Ransomware or MSSP Alert to keep on top of IT-related current events in order to alert your staff and clients about new threats on the horizon. 

6. Monitor activity.                                                                                                                                                                                                                                                                                                Smaller businesses tend to fall victim to ransomware attacks because they do not monitor ongoing activity. Network monitoring tools can provide visibility into existing weak entry points that have allowed past breaches to occur and using that information to avoid possible future breaches. Track activity by creating a log of past security events and input the data into a security information and event management (SIEM) system. This system will offer a holistic view of your entire organization’s security. 

A final recommendation is to assemble and rely on a strong security team. Enlist the assistance of technology service providers. Hosting partners and accounting firm document management professionals understand the cybersecurity environment and have experience in implementing the solutions outlined here. The use of both preventive and predictive security practices will allow your firm to mitigate the risk of ransomware and better secure client data.

Read 7185 times
Rate this item
(5 votes)
Don Emery and Christopher Stark

Don Emery Doc.ItDon Emery, CPA, CA, is director of client solutions for Doc.It Inc. Doc.It provides document management and workflow software designed specifically for accounting firms. Emery leads the North America business development team and provides implementation consulting services, assisting firms with strategy, document management, workflow efficiency, retention and compliance. He can be reached at [email protected].



Stark ChristopherChristopher Stark is president and CEO of Cetrom, an industry-leading provider of custom cloud-hosting solutions for CPA firms. With more than 25 years of experience in all facets of the IT industry and holding some of the industry’s most prestigious technical certifications, Stark keeps his finger on the pulse of the IT industry and eyes toward the future. He can be reached at [email protected].


Visit other PMG Sites:

Template Settings


For each color, the params below will give default values
Tomato Green Blue Cyan Dark_Red Dark_Blue


Background Color
Text Color


Background Color


Select menu
Google Font
Body Font-size
Body Font-family
PMG360 is committed to protecting the privacy of the personal data we collect from our subscribers/agents/customers/exhibitors and sponsors. On May 25th, the European's GDPR policy will be enforced. Nothing is changing about your current settings or how your information is processed, however, we have made a few changes. We have updated our Privacy Policy and Cookie Policy to make it easier for you to understand what information we collect, how and why we collect it.