Skip to content

This site uses cookies to store information on your computer. Some are essential to make our site work; others help us improve the user experience. By using the site, you consent to the placement of these cookies. Read our privacy policy to learn more.

Close
AICPA-CIMA
  • AICPA & CIMA:
  • Home
  • CPE & Learning
  • My Account
Journal of Accountancy
  • TECH & AI
    • All articles
    • Artificial Intelligence (AI)
    • Microsoft Excel
    • Information Security & Privacy

    Latest Stories

    • Incorporating prompt engineering into the accounting curriculum
    • Create a dynamic to-do list with Excel’s checkboxes
    • Another way to manage authentication texts
  • TAX
    • All articles
    • Corporations
    • Employee benefits
    • Individuals
    • IRS procedure

    Latest Stories

    • Treasury posts preliminary list of jobs eligible for no tax on tips
    • Taxpayer’s circumstances do not warrant equitable tolling
    • When does debt become worthless?
  • PRACTICE MANAGEMENT
    • All articles
    • Diversity, equity & inclusion
    • Human capital
    • Firm operations
    • Practice growth & client service

    Latest Stories

    • Few companies strategically using risk management
    • Treasury posts preliminary list of jobs eligible for no tax on tips
    • California issues draft guidance for climate risk disclosure
  • FINANCIAL REPORTING
    • All articles
    • FASB reporting
    • IFRS
    • Private company reporting
    • SEC compliance and reporting

    Latest Stories

    • SEC accepting Professional Accounting Fellow applications
    • SEC names new chief accountant
    • SEC ends legal defense of its climate rules
  • AUDIT
    • All articles
    • Attestation
    • Audit
    • Compilation and review
    • Peer review
    • Quality Management

    Latest Stories

    • AICPA unveils new QM resources to help firms meet Dec. 15 deadline
    • 8 steps to build your firm’s quality management system on time
    • Auditing Standards Board proposes a new fraud standard
  • MANAGEMENT ACCOUNTING
    • All articles
    • Business planning
    • Human resources
    • Risk management
    • Strategy

    Latest Stories

    • Business outlook brightens somewhat despite trade, inflation concerns
    • AICPA & CIMA Business Resilience Toolkit — levers for action
    • Economic pessimism grows, but CFOs have strategic responses
  • Home
  • News
  • Magazine
  • Podcast
  • Topics
Advertisement
  1. newsletter
  2. Cpa Insider
CPA INSIDER

Ways to ward off cyberthieves outside the office

Here are tips to keep your computer and phone secure when working remotely.

By Lea Hart
February 4, 2019

Please note: This item is from our archives and was published in 2019. It is provided for historical reference. The content may be out of date and links may no longer function.

Related

January 1, 2019

Account management: Trading many passwords for one

January 1, 2019

Account management: Avoid commonly used passwords

November 1, 2018

Why cyberdefenses are worth the cost

TOPICS

  • Technology
    • Information Security & Privacy
  • Firm Practice Management
    • Firm Operations

Those working remotely while traveling or on-site with a client may wonder if the data and work on their laptop are as safe and secure as when in the office.

In many cases, the answer is no.

Almost anytime you work outside the office, you’re open to invasions from hackers if your device or the Wi-Fi network you’re on is not secure, said Jerry Ravi, CPA, a partner specializing in technology solutions for EisnerAmper in Iselin, N.J.

Risks can come from connecting to a compromised internet resource or contracting malware from a client-supplied USB device, said Roman Kepczyk, CPA/CITP, CGMA, director of firm technology strategy for Right Networks. And, of course, the risks go up if your whole device is stolen or lost, he said.

“If these devices are not secured properly, they could give thieves access to confidential data on the device or even allow access to the firm’s network,” Kepczyk said.

Complacency about security can lead to problems as well, said Michael Dickson, CPA/CITP, director of information technology services at GBQ Partners LLC in Columbus, Ohio.

“A lot of people say, ‘Why would they target me? I’m boring,'” he said. “The truth is, every person has attributes that represent money to a hacker.”

Advertisement

Hackers can sell lists of names, addresses, and phone numbers, Dickson said. They can capture your login credentials or access directories on your computer as well, he said. And it can mean big trouble from regulators — as, for example, the 2017 Equifax data breach, which led to a hefty fine in the UK, as TechCrunch reported.

There are ways to protect your devices outside the office, however, and following this advice from Dickson, Kepczyk, and Ravi can help:

  • Don’t trust public or “guest” networks. The best practice while on-site with a client would be to access the internet through a secure guest network connection, Dickson said. “However, unless your client has a top-notch security team, there is really no way for a traveling CPA to know how secure the guest network is,” he said. CPAs out in the field should protect their clients’ data by connecting to firm servers only through secure virtual private networks (VPNs), he said. (More on VPNs in the tip below.)
  • If the client has a guest network with a weak password, a hacker could get into that network to access your files, he said. Be aware, too, that if the client has a guest network that doesn’t have a password, it’s possible for someone sitting outside the building to infiltrate the system and, by extension, your files, he said.

  • Implement mandatory security measures. An organization can set up a secure VPN through which employees must log in when they work remotely, Ravi said. It’s now possible for even the smallest organizations to do this because basic anti-virus software that most organizations purchase comes with a VPN component, he said. If the employer is responsible for configuring, managing, and enforcing the VPN, then employees won’t have any choice but to connect to that secure network, Dickson added.
  • Essentially, when employees start up computers and initiate the VPN connection, they can securely connect to all of the resources they would in their own office, even if using private or public Wi-Fi networks, Dickson said. “All of the security precautions are in effect as if they were at the office,” he said.

  • Use your cellphone as a mobile hotspot. If you suspect that a client’s guest network is not secure or you are working in public places such as coffee shops and airport terminals, another option is to use your own cellphone to create a secure connection to the internet, a function known as a mobile hotspot that only requires connectivity to your cellular network. “I know it’s a lot harder for someone to get into my personal hotspot because it has a password attached to it,” Ravi said.
  • Use cloud-based file-sharing services. If you’re working in a client’s office, it could seem simple to transfer files between computers using a USB device, but this poses a risk, Kepczyk said. If the client’s device has malware, that can be transferred through the USB to your computer, he said. Instead, cloud-based file-sharing applications can be used, Ravi said. Citrix ShareFile and Microsoft SharePoint are two examples where files can be stored securely via cloud-based software and accessed by both you and your clients through a secure internet connection, rather than sharing them via USB or sending files via email, he said.
  • Be aware of your surroundings. Thieves can pose a physical risk to your laptop, tablet, or phone as well, Kepczyk said. It’s important to password-protect your devices and encrypt your hard drives to make them more difficult for thieves to access should they steal your device, he said. Also, simply securing your device is important as well; don’t leave devices where a thief could pick them up and walk away with them. And finally, beware of lurkers around you. Someone nearby in a coffee shop, for example, could simply capture the information displayed on your screen. A computer screen privacy filter (like the 3M privacy filter) can prevent that, Kepczyk said.
  • Offer ongoing cybersecurity training to your employees. Organizations should offer training that includes an annual review of the firm’s security policies, discusses new IT threats, and offers reminders on good security habits, Kepczyk said. “Ongoing education is critical, as I have found that the more people do work remotely, the more lax they get on firm policies and security,” he said.

Lea Hart is a freelance writer based in North Carolina. To comment on this article or to suggest an idea for another article, contact Chris Baysden, associate director – content development, at Chris.Baysden@aicpa-cima.com.

Advertisement

latest news

September 8, 2025

Few companies strategically using risk management

September 4, 2025

Treasury posts preliminary list of jobs eligible for no tax on tips

September 4, 2025

California issues draft guidance for climate risk disclosure

September 4, 2025

Business outlook brightens somewhat despite trade, inflation concerns

September 3, 2025

New: Digital assets practice aid addresses auditing of lending, borrowing

Advertisement

Most Read

The No. 1 risk to retirement – and one way to guard against it
Tax provisions in the One Big Beautiful Bill Act
Billy Long out as IRS commissioner after less than two months
Calculating AI’s impact on CPAs: New study quantifies time savings
AICPA unveils new QM resources to help firms meet Dec. 15 deadline
Advertisement

Podcast

September 4, 2025

Summing up economic sentiment and concerns about inflation and tariffs

August 29, 2025

Take a bold leap instead of a tentative step

August 28, 2025

Mark Koziel Q&A: Talent, sense of community, profession opportunities

Features

Calming nervous clients nearing retirement
Calming nervous clients nearing retirement

Calming nervous clients nearing retirement

7 retirement tips for small firm CPAs
7 retirement tips for small firm CPAs

7 retirement tips for small firm CPAs

Building a better CPA firm: Stepping up service offerings
Multi-colored plus signs

Building a better CPA firm: Stepping up service offerings

2025 tax software survey
Smiley, frowney, and neutral faces for Tax Software Survey.

2025 tax software survey

SPONSORED REPORT

Smart Strategies in Data Security and Risk Management

In an increasingly digital profession, data security has become one of the most critical challenges facing finance and accounting professionals today. Stay up to date with practical guidance to help you mitigate these risks and strengthen your security posture.

From The Tax Adviser

August 30, 2025

2025 tax software survey

August 30, 2025

Are you doing all you can to keep the cash method for your clients?

July 31, 2025

Current developments in S corporations

July 31, 2025

Paid student-athletes: Tax implications for universities and donors

MAGAZINE

September 2025

September 2025

September 2025
August 2025

August 2025

August 2025
July 2025

July 2025

July 2025
June 2025

June 2025

June 2025
May 2025

May 2025

May 2025
April 2025

April 2025

April 2025
March 2025

March 2025

March 2025
February 2025

February 2025

February 2025
January 2025

January 2025

January 2025
December 2024

December 2024

December 2024
November 2024

November 2024

November 2024
October 2024

October 2024

October 2024
view all

View All

http://JofA_Default_Mag_cover_small_official_blue

PUSH NOTIFICATIONS

Coming soon: Learn about important news

CPA LETTER DAILY EMAIL

CPA Letter Logo

Subscribe to the daily CPA Letter

Stay on top of the biggest news affecting the profession every business day. Follow this link to your marketing preferences on aicpa-cima.com to subscribe. If you don't already have an aicpa-cima.com account, create one for free and then navigate to your marketing preferences.

Connect

  • X Logo JofA on X
  • facebook JofA on Facebook

HOME

  • News
  • Monthly issues
  • Podcast
  • A&A Focus
  • PFP Digest
  • Academic Update
  • Topics
  • RSS feed rss feed
  • Site map

ABOUT

  • Contact us
  • Advertise
  • Submit an article
  • Editorial calendar
  • Privacy policy
  • Terms & conditions

SUBSCRIBE

  • Academic Update
  • CPE Express

AICPA & CIMA SITES

  • AICPA-CIMA.com
  • Global Engagement Center
  • Financial Management (FM)
  • The Tax Adviser
  • AICPA Insights
  • Global Career Hub
AICPA & CIMA

© 2025 Association of International Certified Professional Accountants. All rights reserved.

Reliable. Resourceful. Respected.