When an average personal computer user suffers a data breach that sees their personal information exposed to the world, it can be an incredibly harrowing experience. When a professional business like an accounting firm finds themselves in a similar situation, you're talking about something else entirely. According to the Journal of Accountancy, accountants who are victims of a data breach open themselves up to claims for damages from clients, the cost of compliance with state and federal statutes and regulations (including fines), reputation damage, network damage and more. This isn't just bad - it's catastrophic.
Choosing to go with FTP over consumer grade file sharing is one of the single best ways for accountants to help make sure this type of scenario doesn't strike their business.
Consumer Grade File Sharing Risks Accountants Should Be Aware Of
Consumer Grade File Sharing Doesn't Prevent Accidents
One of the major reasons why consumer grade file sharing options do NOT provide enough security for a business environment like an accounting firm is because they were never really designed to do that. While it's true that many providers include advanced features like two-factor authentication, this still doesn't prevent a situation where one of your employees accidentally shares the wrong file with the wrong client, exposing someone else's personal financial information to someone with no reason to see it. This type of scenario is still a compliance violation, regardless of whether or not it was intentional.
In essence, the security practices of many consumer grade file sharing options rely on the end user to be competent enough not to make a mistake. Many FTP and SFTP providers, on the other hand, acknowledge that mistakes can sometimes happen and are designed accordingly. With FTP, not only are there unique login accounts for each user, but also granular directory access permissions. And, while consumer- and even enterprise-grade file sharing services allow ANY user to share files with third parties (publicly, without login), with FTP all users must provide a username and password; and, only administrators can set up logins for third parties.
Compliance Concerns Are a Thing of the Past
Most professional industries are subject to some type of rules and regulations that they must follow regarding client privacy and accountants are certainly no exception. The fact of the matter is that a consumer grade file sharing option is NOT designed to offer compliance for the Gramm-Leach-Bliley Act of 1999, which can open a business up to potentially lofty fines just by sharing consumer financial information over such insecure means in the first place. With features like at-rest and in-transit encryption, support for a wide range of security protocols like HTTPS and SFTP and more, FTP absolutely WILL allow you to share and store files digitally and maintain complete compliance with all governing bodies at all times.