Do you share information with your clients using Dropbox? Many of us do. But in an online world where cyber-crime is advancing almost as fast as technology, there are security issues we need to be aware of since we routinely have access to sensitive information.
Here's the Challenge
We work via the Internet because it is a win-win solution for bookkeeping services. It's convenient, efficient and faster to do everything online. So cloud-based document sharing makes a lot of sense. After all, it's much more secure than attaching documents to unencrypted email messages, right?
Yes, even consumer-level online file sharing apps do have more security than emailed documents. No question. However, if you're using the free options, such as Dropbox, Google Drive, OneDrive and others, you must remember what these apps are designed to do. They are intended for individuals who want to save and share family photos and largely non-sensitive information.
They're not designed for accounting professionals like us.
So the first question to ask is, ‘What level of security is built into the online file sharing tool I'm using?' Is the information encrypted while it's being transferred and while it's being stored?
An Important Distinction with Dropbox
Have you ever noticed that if someone shares a Dropbox folder with you, it can hog a lot of space on your hard drive? Have you ever wondered why that is? The files are sitting in the cloud, aren't they? In fact, if you use more than the allotted amount of cloud storage in the free version of Dropbox, you will need to start paying for extra space.
Here's what's going on.
The reason you need at least as much hard drive space on your local computer as all the folders attached to your Dropbox account is because all of those files are, by default, being copied onto your hard drive.
Did you realize that?
There is no security to protect those files once they are on your hard drive (or on the hard drive of the person you are sharing folders with for that matter), unless you are using encryption on your local computer. Additionally, where Dropbox is storing those files is not obvious. If you later retire the computer from business use and say, give it to your college-aged child, those files will still be there. Yes, you might disconnect that computer from your Dropbox account and remove the app, but that doesn't remove those copied files from your computer's hard drive. Removal needs to be done manually, if you even remember they're there.
Do you really want the risks of having clients' tax information, payroll or other sensitive documents sitting on your computer with no protection for anyone who uses the computer (or hacks in) to see?
Because the files are automatically copied to your hard drive, it has long been a reason that I do not recommend virtual bookkeepers use this tool as your client portal. However, I also recognize that in reality, many of us are still using it. (Heck, I have clients and colleagues who insist on using Dropbox for everything; I even use it for administrative / non-sensitive files.) I get it. It's convenient and cheap.
The real takeaway here is we need to think through the tools we're using, especially those that involve sharing sensitive information. The risks are real for both us and our clients.
If You Do Use Dropbox, Use Smart Sync
The good news is there is a way to save both hard drive space and improve security when using Dropbox. It's by adjusting your settings for how the files are synced with your computer.
Do this with the desktop icon app in the system tray. Here's a short one-minute video from Dropbox that shows you exactly how to do it, quick and easy.
Sometimes it's just a small adjustment that can make a significant difference. This is one of those situations.
By making folders that have sensitive information ‘online only,' you will at least remove one of the ways hackers could access your clients' sensitive information.
Remember 90% of data breaches are caused by human error. Let's not contribute to that statistic or the often disastrous consequences that can result. Let's think proactively about our workflows, from a security perspective as well as efficiency and convenience. Consider how you are interacting and sharing information with your clients. That includes not only how we send them information, but how they provide it to us.
This is one reason why I highly recommend using a client portal program that is designed for accounting professionals. Personally, SmartVault is my go-to tool for my client file sharing and absolutely for any information that is sensitive (credit card information, social security number, tax documents of any kind, etc.). Using the mapped drive feature is nearly as seamless as using Dropbox, but a lot more secure.
In fact, if you'd like to see SmartVault in action, on Wednesday, February 5th there's going to be a re-broadcast of a wildly popular webinar I did that includes a full demo entitled,
“Your Streamlined Workflow Workshop:
How to Map It. Standardize It. Automate It.”
It's free and it might give you some ideas on how you can tighten up online security in your workflows, while improving efficiency and effectiveness during even busy times of year.
Which online tools do you use and trust to keep your client information safe?