Skip to content
AICPA-CIMA
  • AICPA & CIMA:
  • Home
  • Engage 365 Communities
  • CPE & Learning
  • My Account
Journal of Accountancy
  • TECH & AI
    • All articles
    • Artificial Intelligence (AI)
    • Microsoft Excel
    • Information Security & Privacy

    Latest Stories

    • Drafting an AI policy that actually works
    • What AI agents mean for CPA firms
    • A guide to fighting AI-fueled AP/AR fraud

  • TAX
    • All articles
    • Corporations
    • Employee benefits
    • Individuals
    • IRS procedure

    Latest Stories

    • IRS designates certain CRAT arrangements as listed transactions
    • Eligible taxpayers to get automatic IRS penalty relief
    • IRS adds online option, details for Kwong-related refund claims
  • PRACTICE MANAGEMENT
    • All articles
    • Diversity, equity & inclusion
    • Human capital
    • Firm operations
    • Practice growth & client service

    Latest Stories

    • A CPA playbook to help prevent disaster fraud
    • IRS designates certain CRAT arrangements as listed transactions
    • Eligible taxpayers to get automatic IRS penalty relief
  • FINANCIAL REPORTING
    • All articles
    • FASB reporting
    • IFRS
    • Private company reporting
    • SEC compliance and reporting

    Latest Stories

    • SEC shares 3 goals in proposed 2026–2030 strategic plan
    • SEC proposes rescission of climate disclosure rules
    • SEC proposes semiannual reporting option for public companies
  • AUDIT
    • All articles
    • Attestation
    • Audit
    • Compilation and review
    • Peer review
    • Quality Management

    Latest Stories

    • PCAOB consultation process offers new options for firms seeking guidance
    • Standardization of sustainability reporting improves, but obstacles remain
    • How to monitor a firm’s system of quality management
  • MANAGEMENT ACCOUNTING
    • All articles
    • Business planning
    • Human resources
    • Risk management
    • Strategy

    Latest Stories

    • How to handle increased enforcement of unclaimed property notices
    • Standardization of sustainability reporting improves, but obstacles remain
    •  What it takes for a CFO to lead operations and tech
  • Home
  • News
  • Magazine
  • Podcast
  • Topics
Advertisement
  1. newsletter
  2. Cpa Insider
CPA INSIDER

Ways to ward off cyberthieves outside the office

Here are tips to keep your computer and phone secure when working remotely.

By Lea Hart
February 4, 2019

Please note: This item is from our archives and was published in 2019. It is provided for historical reference. The content may be out of date and links may no longer function.

Related

January 1, 2019

Account management: Trading many passwords for one

January 1, 2019

Account management: Avoid commonly used passwords

November 1, 2018

Why cyberdefenses are worth the cost

TOPICS

  • Technology
    • Information Security & Privacy
  • Firm Practice Management
    • Firm Operations

Those working remotely while traveling or on-site with a client may wonder if the data and work on their laptop are as safe and secure as when in the office.

In many cases, the answer is no.

Almost anytime you work outside the office, you’re open to invasions from hackers if your device or the Wi-Fi network you’re on is not secure, said Jerry Ravi, CPA, a partner specializing in technology solutions for EisnerAmper in Iselin, N.J.

Risks can come from connecting to a compromised internet resource or contracting malware from a client-supplied USB device, said Roman Kepczyk, CPA/CITP, CGMA, director of firm technology strategy for Right Networks. And, of course, the risks go up if your whole device is stolen or lost, he said.

“If these devices are not secured properly, they could give thieves access to confidential data on the device or even allow access to the firm’s network,” Kepczyk said.

Complacency about security can lead to problems as well, said Michael Dickson, CPA/CITP, director of information technology services at GBQ Partners LLC in Columbus, Ohio.

“A lot of people say, ‘Why would they target me? I’m boring,'” he said. “The truth is, every person has attributes that represent money to a hacker.”

Advertisement

Hackers can sell lists of names, addresses, and phone numbers, Dickson said. They can capture your login credentials or access directories on your computer as well, he said. And it can mean big trouble from regulators — as, for example, the 2017 Equifax data breach, which led to a hefty fine in the UK, as TechCrunch reported.

There are ways to protect your devices outside the office, however, and following this advice from Dickson, Kepczyk, and Ravi can help:

  • Don’t trust public or “guest” networks. The best practice while on-site with a client would be to access the internet through a secure guest network connection, Dickson said. “However, unless your client has a top-notch security team, there is really no way for a traveling CPA to know how secure the guest network is,” he said. CPAs out in the field should protect their clients’ data by connecting to firm servers only through secure virtual private networks (VPNs), he said. (More on VPNs in the tip below.)
  • If the client has a guest network with a weak password, a hacker could get into that network to access your files, he said. Be aware, too, that if the client has a guest network that doesn’t have a password, it’s possible for someone sitting outside the building to infiltrate the system and, by extension, your files, he said.

  • Implement mandatory security measures. An organization can set up a secure VPN through which employees must log in when they work remotely, Ravi said. It’s now possible for even the smallest organizations to do this because basic anti-virus software that most organizations purchase comes with a VPN component, he said. If the employer is responsible for configuring, managing, and enforcing the VPN, then employees won’t have any choice but to connect to that secure network, Dickson added.
  • Essentially, when employees start up computers and initiate the VPN connection, they can securely connect to all of the resources they would in their own office, even if using private or public Wi-Fi networks, Dickson said. “All of the security precautions are in effect as if they were at the office,” he said.

  • Use your cellphone as a mobile hotspot. If you suspect that a client’s guest network is not secure or you are working in public places such as coffee shops and airport terminals, another option is to use your own cellphone to create a secure connection to the internet, a function known as a mobile hotspot that only requires connectivity to your cellular network. “I know it’s a lot harder for someone to get into my personal hotspot because it has a password attached to it,” Ravi said.
  • Use cloud-based file-sharing services. If you’re working in a client’s office, it could seem simple to transfer files between computers using a USB device, but this poses a risk, Kepczyk said. If the client’s device has malware, that can be transferred through the USB to your computer, he said. Instead, cloud-based file-sharing applications can be used, Ravi said. Citrix ShareFile and Microsoft SharePoint are two examples where files can be stored securely via cloud-based software and accessed by both you and your clients through a secure internet connection, rather than sharing them via USB or sending files via email, he said.
  • Be aware of your surroundings. Thieves can pose a physical risk to your laptop, tablet, or phone as well, Kepczyk said. It’s important to password-protect your devices and encrypt your hard drives to make them more difficult for thieves to access should they steal your device, he said. Also, simply securing your device is important as well; don’t leave devices where a thief could pick them up and walk away with them. And finally, beware of lurkers around you. Someone nearby in a coffee shop, for example, could simply capture the information displayed on your screen. A computer screen privacy filter (like the 3M privacy filter) can prevent that, Kepczyk said.
  • Offer ongoing cybersecurity training to your employees. Organizations should offer training that includes an annual review of the firm’s security policies, discusses new IT threats, and offers reminders on good security habits, Kepczyk said. “Ongoing education is critical, as I have found that the more people do work remotely, the more lax they get on firm policies and security,” he said.

Lea Hart is a freelance writer based in North Carolina. To comment on this article or to suggest an idea for another article, contact Chris Baysden, associate director – content development, at Chris.Baysden@aicpa-cima.com.

Advertisement

latest news

July 9, 2026

IRS designates certain CRAT arrangements as listed transactions

July 8, 2026

Eligible taxpayers to get automatic IRS penalty relief

July 7, 2026

Scam stoppers: 5 ways CPAs can help older clients fight financial fraud

July 6, 2026

IRS adds online option, details for Kwong-related refund claims

July 6, 2026

PCAOB consultation process offers new options for firms seeking guidance

Advertisement

Most Read

Eligible taxpayers to get automatic IRS penalty relief
IRS adds online option, details for Kwong-related refund claims
Self-directed IRAs: A tax compliance black hole
IRS seeks examples of incorrect CP53E notices
How to build reusable Skills in Anthropic's Claude AI
Advertisement

Podcast

July 9, 2026

From estate planning to AI: Managing CPA liability

July 2, 2026

The AICPA’s CEO on trust, AI, and the profession’s future

June 25, 2026

Midyear advocacy update: STEM, BOI, taxes and licensure

Features

Start in high school to strengthen the accounting profession
Start in high school to strengthen the accounting profession

Start in high school to strengthen the accounting profession

Accountancy in America: Meeting the moment for 250 years
Accountancy in America: Meeting the moment for 250 years

Accountancy in America: Meeting the moment for 250 years

A guide to fighting AI-fueled AP/AR fraud
A guide to fighting AI-fueled AP/AR fraud

A guide to fighting AI-fueled AP/AR fraud

How to handle increased enforcement of unclaimed property notices
How to handle increased enforcement of unclaimed property notices

How to handle increased enforcement of unclaimed property notices

How to tame funding volatility in not-for-profits
How to tame funding volatility in not-for-profits

How to tame funding volatility in not-for-profits

What AI agents mean for CPA firms
Accordance

What AI agents mean for CPA firms

FROM THIS MONTH'S ISSUE

Drafting an AI policy that actually works

As AI use accelerates, many firms are discovering their policies haven’t kept pace. This article breaks down what CPAs and finance leaders should consider when drafting an AI policy that’s practical, flexible, and fit for real world use.

From The Tax Adviser

June 30, 2026

Condo casualty losses: Deductions for common-interest property

May 31, 2026

Trust distributions: Timing, tax, and practical considerations

May 31, 2026

Current developments in taxation of individuals: Part 3

April 30, 2026

Current developments in taxation of individuals: Part 2

MAGAZINE

July 2026

July 2026

July 2026
June 2026

June 2026

June 2026
May 2026

May 2026

May 2026
April 2026

April 2026

April 2026
March 2026

March 2026

March 2026
February 2026

February 2026

February 2026
January 2026

January 2026

January 2026
December 2025

December 2025

December 2025
November 2025

November 2025

November 2025
October 2025

October 2025

October 2025
September 2025

September 2025

September 2025
August 2025

August 2025

August 2025
view all

View All

http://JofA_Default_Mag_cover_small_official_blue

PUSH NOTIFICATIONS

Learn about important news

This quick guide walks you through the process of enabling and troubleshooting push notifications from the JofA on your computer or phone.

CPA LETTER DAILY EMAIL

CPA Letter Logo

Subscribe to the daily CPA Letter

Stay on top of the biggest news affecting the profession every business day. Follow this link to your marketing preferences on aicpa-cima.com to subscribe. If you don't already have an aicpa-cima.com account, create one for free and then navigate to your marketing preferences.

Connect

  • X Logo JofA on X
  • facebook JofA on Facebook

HOME

  • News
  • Monthly issues
  • Podcast
  • A&A Focus
  • PFP Digest
  • Academic Update
  • Topics
  • RSS feed rss feed
  • Site map

ABOUT

  • Contact us
  • Advertise
  • Submit an article
  • Editorial calendar
  • Privacy policy
  • Terms & conditions

SUBSCRIBE

  • Academic Update
  • CPE Express

AICPA & CIMA SITES

  • AICPA-CIMA.com
  • Global Engagement Center
  • Financial Management (FM)
  • The Tax Adviser
  • AICPA Insights
  • Global Career Hub
AICPA & CIMA

© 2026 Association of International Certified Professional Accountants. All rights reserved.

Reliable. Resourceful. Respected.