Data and information security

Searching for privacy

Q: I’ve heard that search engines such as Google and Yahoo! keep a record of your searches and the websites you visit and that they often share this personal information with other companies. I don’t do anything illicit on the internet, but I’m still not comfortable with these search engines

Substantiating trust

Q: When introduced to new privacy solutions (such as DuckDuckGo or Disconnect), what assurances do we have that these solutions aren’t themselves stealthily tracking our computing or internet activities? A: Before trusting a lesser-known privacy solution, at a minimum make sure that it meets the following criteria: The company makes

Data security risk: You can take it anywhere

While no security program or security software can guarantee that data will never be lost or stolen, application of a few basic principles can help address mobile security risks and mitigate professional liability exposure.

Harnessing the power of the cloud

Cloud computing and increasingly powerful mobile devices are breaking down communication, data access, and market barriers for CPAs, but the breakthroughs also open the door to potential trouble. A panel of technology experts offers advice on how CPAs can make the most of technology while minimizing the risks.

Six cybersecurity basics

The steady barrage of headlines about cybersecurity underscores a topic viewed with wary eyes by many executives, board members, and investors. Employees may have access to sensitive data through smartphones that they carry everywhere. Globalization has increased the geographic reach of companies – making them visible to ever more hackers.

Auditors have important role in cybersecurity

The steady stream of headlines about data breaches has the business community and regulators on high alert with regard to cybersecurity. An online PwC survey of global executives and IT directors conducted early in 2013 found that detected cybersecurity incidents rose 25% over the previous year. And 31% of executives

Use data privacy to gain a competitive advantage

Data privacy doesn’t have to be an issue that keeps executives awake at night. Instead, companies that approach data privacy the right way can use it to differentiate themselves, said Carolyn Holcomb, CPA, the leader of PwC’s data protection and privacy practice in the United States. “We see companies that

TIGTA report says IRS should do a better job protecting taxpayer data

The IRS does not do a good job of correcting security weaknesses, thereby failing to protect taxpayer data, the Treasury Inspector General for Tax Administration (TIGTA) concluded in a report released Thursday. TIGTA’s audit found that the IRS does not always correct known security problems and the corrective action process

Survey spotlights need for data and security strategies

On the surface, the results of the 2013 North America Top Technology Initiatives survey show that “managing and retaining data” nudged past “securing the IT environment” to become the top technology priority cited by the nearly 2,000 accounting professionals polled. Dig a little deeper, and the evidence indicates that the

Seven ways to address IT vulnerability

When Mike Foster hears from CFOs about IT security issues, he gets the sense they’re focusing on a single hacking event here or there, instead of viewing IT security as a project that needs constant management and attention. What Foster tells the CFOs is this: “We don’t want to fight

Data, security take top two spots in AICPA technology priorities survey

On the surface, the results of the 2013 North America Top Technology Initiatives survey, released Wednesday by the AICPA and CPA Canada, show that “managing and retaining data” nudged past “securing the IT environment” to become the top technology priority cited by the nearly 2,000 accounting professionals polled. Dig a

Cybersecurity: 2013 is already “the year of the hack”

Many organizations are unprepared to protect themselves against an emerging, relentless cybersecurity danger that threatens national security and economic stability, according to a new global survey. Advanced persistent threats (APTs) are not easily deterred, which makes them different from traditional threats, according to global IT association ISACA. But an ISACA

Stopping tax identity theft: Practical advice for CPAs and clients

Tax return and other tax-related identity theft is a growing problem that CPAs can help their clients with—both in taking preventive actions and in correcting problems after an identity thief has struck. Tax return identity theft occurs when someone uses a taxpayer’s personal information, such as name and Social Security

Three IT challenges to watch for in 2013

The global information systems organization ISACA is urging businesses to prepare for tough decisions in the year ahead in three areas: data privacy, cloud computing, and increasingly complex cyber-threats. Interest in private or hybrid (public/private) cloud solutions is expected to grow because of information security concerns, according to ISACA. Meanwhile,

S.C. taxpayers’ Social Security numbers, credit cards hacked

The South Carolina Department of Revenue is providing affected taxpayers a year of credit monitoring after a hacker stole information including 3.6 million Social Security numbers and 387,000 credit and debit card numbers from its computer systems. State revenue officials announced Friday that the S.C. Division of Information Technology learned

Malware growth maintains rapid pace as mobile threats surge

The number and complexity of cyberattacks, especially those targeting mobile devices, grew at an alarming pace in the second quarter, security technology company McAfee Labs said in its latest Threats Report. McAfee identified more than 8 million previously undiscovered samples of malicious software, or malware, during the three months that

What's your privacy IQ?

Maintaining the privacy and protection of customers’ and employees’ personal information is a risk management issue for all organizations. The increase in identity theft is also a concern for all organizations. Laws and regulations continue to place requirements on businesses for the protection of personal data. Myriad laws and regulations

PwC: Internal audit has to play a more substantial role in information security

Most companies fail to adequately monitor and update their defenses against cybercriminals, raising the risk of costly data security breaches, according to PwC. Fortifying Your Defenses: The Role of Internal Audit in Assuring Data Security and Privacy, a PwC white paper, asserts that the increasing frequency and sophistication of hacker

Most U.S. small businesses lack disaster-recovery plans

More than 60% of U.S. small businesses do not have a formal emergency-response plan and fail to back up their financial data off-site, leaving them vulnerable to catastrophic data loss in the event of a natural disaster. The Small Business Disaster Preparedness Study, conducted by software maker Sage North America,

Protecting privacy

Under pressure from regulatory requirements, professional standards, and client expectations—not to mention increasingly sophisticated hackers—CPA firms are emphasizing efforts to protect the privacy of confidential information under their purview. The following steps can help firms mitigate the risk of a reputation-damaging data breach: Identify and classify the types of information


6 key areas of change for accountants and auditors

New accounting standards on revenue recognition, leases, and credit losses present implementation challenges. This independently-written report identifies the hurdles that accounting professionals face and provides tips for overcoming the challenges.


How tax reform will impact individual taxpayers

Amy Wang, a CPA who is a senior technical manager for tax advocacy at the AICPA, answers to some of the most common questions on how the new tax reform law will impact individual taxpayers.