Editor’s note: This is a Web-exclusive exhibit for “Password Management Strategies for Safer Systems.” Advise users to never put their password on a Post-it Note or in another unsafe location. Tell users to always say “No” when Windows or any other software offers to save their password.
Information security & privacy
Password Management Strategies for Safe Systems: Offense and Defense
Editor’s note: This is a Web-exclusive exhibit for “Password Management Strategies for Safer Systems.” Primary Security Risks Effective Countermeasures Failing to enhance password security in order to focus on searching for a “perfect” security system and obtaining more funding. Immediately improve password security procedures. Implementing new system security procedures or
Password Management Strategies for Safer Systems: Glossary of Key Terms
Editor’s note: This is a Web-exclusive exhibit for “Password Management Strategies for Safer Systems.” Term: Definition. Clear Text: Unencrypted characters in, for example, a password. Crack: To decode an encrypted password. Social Engineering: A hacker’s use of a plausible pretext to intimidate or trick an employee into divulging a password
Password Management Strategies for Safer Systems
All of your business systems’ users have confidential passwords. Does that mean your system and its contents are safe? Definitely not. As this article explains, organizations that don’t ensure the ongoing security of their passwords are exposing themselves to fraud and potential liability by failing to protect confidential information. Recent
Safeguarding Data: Requirements and Resources
Editor’s note: This is a sidebar for “Protect Your Portable Data – Always and Everywhere.” CPAs should understand their ethical, legal and regulatory responsibilities to safeguard data. The following listings direct you to primary sources: LAWS, REGULATIONS Federal laws Federal Trade Commission, Gramm-Leach-Bliley Act, Disclosure of Nonpublic
Protect Your Portable Data—Always and Everywhere
Their widespread use sometimes makes relatively new technologies seem safer than they are. In fact, even popular and advantageous innovative devices may have significant risks. Prominent examples include data-filled laptops and flash drives. Recurrent headlines make it clear: Your laptop could become one of the thousands lost or stolen every
Simplify and Improve Your Office System
Talk about pressure—and not just in tax season. Keeping office computer systems up and running in small and medium CPA firms is an enormous and unending responsibility. Without reliable computing and communication capabilities, your staff, your clients and your business are dead in the water. To mitigate the risk of
Proposed Changes to Privacy, Security Guidance Available
The AICPA released two proposals that would alter guidance for CPAs providing attestation services, advisory services or both that address IT-enabled systems including electronic commerce systems and privacy programs. The guidance relates to providing services with respect to system security, availability, processing integrity, confidentiality and privacy. The AICPA
One-Size Security Doesn’t Fit All
“Protect Your Wireless Network—And Your Business” (Nov. 08, page 88) suggested a number of steps to protect wireless networks from outside monitoring and other unauthorized access. As an international consultant and a contributing editor for Wiley’s Computer Security Handbook, 5th Edition, I differ with some of the recommended measures. Several measures
Info Security Leads Tech List
The message of the AICPA’s 20th Annual Top Technology Initiatives Survey is clear—CPAs are placing great importance on information security. Security-related matters dominated the top three spots in the ranking of initiatives affecting IT strategy, investment and implementation. Information security management was voted the most important initiative for the
Preventing Identity Theft Throughout the Data Life Cycle
The Federal Trade Commission estimates that as many as 9 million people have their identities stolen every year. According to the Privacy Rights Clearinghouse, more than 200 million instances of data breaches have occurred since the beginning of 2005, and they show no signs of letting up. In the first
Highlights of Accounting Systems Research
This article is the fourth in a series reviewing research relevant to practicing accountants. Previous articles covered auditing, management accounting and tax. Recent, top-ranked journals that cover accounting and information technology systems were examined to determine results containing practical implications. HOW IT OUTSOURCING IMPACTS STOCK PRICES When a firm publicly announces
Protect Your Wireless Network—And Your Business
It’s hard to stop hackers from gaining access to something as ethereal as an electronic signal. That’s why it has always been challenging to secure a wireless network. If yours isn’t secure, your business and its data are at great risk. Hackers may be able to monitor which sites you
Watch What You Say…and Write
Nearly three out of 10 employers surveyed by the American Management Association and The ePolicy Institute had fired workers for e-mail misuse. The most-cited reasons included violation of company policy (64%), inappropriate or offensive language (62%), excessive personal use (26%) and breach of confidentiality rules (22%). How are employers catching
Managing Multiple Identities
EXECUTIVE SUMMARY Identity management addresses the difficulties encountered when one physical user has separate user IDs and passwords on multiple systems and applications. Access management addresses the challenges associated with the specific access rights and permissions of multiple user IDs. Large, complex organizations have the greatest potential to benefit from
Offshore Preparers OK’d to See SSNs
The IRS modified its final rules regarding the disclosure of a taxpayer’s Social Security number to a tax return preparer located outside the U.S. to allow disclosure under specified circumstances. Previously, the rules had generally required U.S. preparers to redact SSNs from tax return forms and other information transmitted to
Test Your Information Security IQ
Information security is a dynamic field and, although accounting professionals have become much savvier on the subject, keeping track of the latest best practices can be a daunting task. How current are you? Take this quiz on information security basics to find out. 1. Because no single antivirus program
Mastering the Payment Card Industry Standard
EXECUTIVE SUMMARY Becoming familiar with the Payment Card Industry Data Security Standard is a prerequisite to understanding the regulatory environment in which many businesses that accept credit and debit cards operate. PCI dovetails with a CPA’s core competencies in attest work, risk management, internal audit support and fraud
The Human Element: The Weakest Link in Information Security
EXECUTIVE SUMMARY Social engineering attacks involve the use of deceptive or manipulative tactics on an individual to gain a result—often to gain unauthorized access to information assets. The practice sometimes is referred to as soft hacking and often is used to gather intelligence for a subsequent hacking
TIGTA: IRS Passwords at Risk
Investigators posing as IRS computer help desk personnel were able to persuade 60% of Service employees they contacted to change their password to one the investigator suggested, a violation of IRS computer security rules. The findings by the Treasury Inspector General for Tax Administration (TIGTA) echoed those of a similar