30/04/2015

By Alison Jackson, Lindenhouse Software, one of the UK’s leading developers of electronic document management software


An article published in the Sunday Times recently, highlighted a new wave of fraud that targets businesses and their clients. ‘Who really sent that email?’ focuses on the increasingly sophisticated tactics used by con artists to delete, intercept and impersonate firms to steal money. Banks are now taking a hard line, saying that they cannot be held responsible for the lack of security on client email accounts. And this is a problem that is on the rise with the number of scam alerts issued by the Solicitors Regulation Authority already almost double that of last year. So what should businesses be doing to protect themselves and their clients from fraudsters?

The Information Commissioner’s Office (ICO) has already said that sensitive personal data should not be transmitted by email unless encrypted to current standards but many professional firms including accountants are still not encrypting email communication. Best practice advice from the ICO recommends: ‘Protection cannot be left to chance and it is no longer enough to do only the bare minimum necessary to comply with the law: proper safeguards have to be built in from the first principles, not bolted on inadequately as, an afterthought.’

New EU Data Protection Regulations are to be introduced this year and the prognosis is for tougher sanctions with fines of up to 2% of turnover. This could have a significant impact on firms that make mistakes.

Secure client communication

One option is not to use email at all and use a secure portal for document exchange that encrypts every item of data going back and forwards to the highest levels as used by the FBI, Government and Banks. Not only is the data encrypted during transmission, all files and data are encrypted in storage in the Cloud making it impossible for hackers to penetrate.

With client confidentiality now a number one priority, businesses are increasingly turning to integrated document portals to ensure all electronic communication is secure. Use of a portal guarantees complete security and traceability through a full audit trail and allows users to publish documents to an individual notifying them via an email address. The document is securely uploaded to the Cloud and an email notification sent to the client advising them that there is a document for their attention and they can access and view documents published to them via the portal website or directly from their phone or tablet device.

A mobile app delivers added flexibility as it enables recipients to securely access their documents and review, sign, approve or reject them from the kind of devices everyone uses on a day-to-day basis. Security is key here as the mobile app allows the user to choose to pre-download documentation securely onto the device knowing they will have access to the documents even if they do not have access to the Internet at the time of their meeting. They will also be safe in the knowledge that should their device go missing or get stolen the documents stored on the device are fully encrypted.

“We used to send returns by email”

The firm, Connollys Accountants, installed an electronic document management and portal solution in response to growing security issues. Declan Connolly, Managing Partner said: “We used to send returns by email but with the tightening of the data protection laws, we considered it vital for the practice to implement portals to ensure all information is encrypted to the highest levels and there is no possibility that our client’s confidential financial information can fall into the wrong hands.”

It is possible to carry out a range of actions including approve, change the status of, and respond to portal documents. This rapidly becomes second nature allowing digital/electronic signatures to provide a seamless end-to-end sign off process.

While fraudsters, are constantly on the look out for ways of intercepting and impersonating firms’ emails, the securing of client communication cannot be left to chance. Use of a document portal guarantees that both the firm’s and client’ documents are completely secure with complete traceability, full auditing and compliance.