Contractors: Act Now to Plug Cybersecurity Holes
Kirsch CPA Group
Dec 17, 2020

The coronavirus pandemic has forced many construction companies to embrace a more distributed workforce. Employees who can work remotely are keeping connected with online and mobile technology. Meanwhile, team members on jobsites may be accessing company systems from their own mobile devices. Unfortunately, information technology (IT) security plans may not be up to the challenge.
If your business’s security program is underequipped for the current climate’s influx of remote users, you may have security holes. Such holes can provide cybercriminals with access to your network. By employing the following best practices, however, you can protect your construction company and its financial systems against threats such as cyber intrusions, data breaches, phishing and ransomware.
Start With a Risk Assessment
The first step is to evaluate your networks so you understand what types of data is processed, where it’s stored and which data must be protected. For example, you’ll probably want to prioritize protection of:
- Payroll records,
- Accounts payables and receivables,
- Employee Social Security numbers and other HR information,
- Sensitive client information, and
Drawings and blueprints of critical infrastructure.
You’ll also need to understand the legal and regulatory requirements for protecting sensitive data. From there, you can implement the tools and procedures necessary to protect it from cyberthreats. If you don’t have IT experts on your staff, work with a qualified consultant to identify your business’s risks and build a strong cybersecurity program.
Educating and Training Employees
Also critical to bolstering IT security is training employees to use the business’s technology and mitigate risks. Cybersecurity training shouldn’t be a one-time session performed during new-hire orientation or when a new device is issued to employees. Require everyone to participate in refresher training periodically as hackers initiate new types of attacks and your security plan is updated to defend against them.
One of the most important methods of preventing cybersecurity breaches is to ensure employees know how to spot a phishing or malware email. These are emails (from external and internal senders) with suspicious links or attachments that, when clicked, download malicious software. If an email appears suspicious — for example, if the sender’s language or request seems out of character — employees should immediately call the sender to verify the email. If the email can’t be verified, employees should notify your IT security expert.
Special Security for Mobile Devices
Mobile technology is becoming more prominent on jobsites, with many construction companies allowing employees to use their personal devices for certain tasks. To keep business data safe at every point of access, the personal devices and apps your employees use should be included in your company’s IT security strategy.
Take inventory of all devices and apps your team uses, including the make and version of operating systems. And ensure that your team members password-protect any devices they use for work to prevent unauthorized access if a device gets lost or stolen.
Patches and Backups
Keeping your software systems and firewalls updated is another critical preventive measure against cyberattack. When personal computers and mobile devices are used for work, make sure your team members know to update their software and mobile apps whenever updates to patch security flaws become available.
Saving files to your computer puts the information at risk for theft or accidental deletion. So be sure to use a cloud-based solution to back up documents and files. Of course, cloud systems also provide authorized remote users quick and easy access to documents and project data at any time, from any location.
Finally, if you don’t already have it, consider buying cybersecurity insurance. This type of coverage is designed to mitigate losses from incidents including data breaches, business interruption and network damage.
Review and Audit
Technology changes rapidly, and hackers change their tactics almost as quickly. Regularly review your cybersecurity procedures and ensure employees are up to speed. You may also want to engage an outside IT security expert occasionally to perform a thorough audit. The extra cost generally is much less than what your construction business could lose should a cyberattack succeed. Contact Kirsch CPA Group at 513.858.6040 for recommendations.

About The Author
Kirsch CPA Group is a full service CPA and business advisory firm helping businesses and organizations with accounting,…
Tags
Sign Up for Email Updates
Related Articles












Does your Business Deduct Research & Development Expenses? Major Changes Impact 2022 Taxes…
- 11-09-22
- Elizabeth Michalak






Why Have Your Financial Statements Reviewed (Even When Not Required)
- 10-17-22
- Kirsch CPA Group















Case Study: Strategic Accounting Support from Acquisition to Sale
- 09-20-22
- Kirsch CPA Group



























Prevent a Poorly Structured Chart of Accounts from Hiding Your Profitability
- 01-06-22
- Nick Roell















Entrepreneurial Mindset: Kirsch CPA Group Sets a Framework for Growth
- 10-28-21
- Kirsch CPA Group






























What Your Numbers Are Saying: Are You Listening?
Part 2: How Attractive Is Your Balance Sheet?
- 07-19-21
- Kirsch CPA Group












What Your Numbers Are Saying: Are You Listening?
Part 1: Do You Know Your Profitability?
- 06-09-21
- Kirsch CPA Group




































Using Cash Flow Forecasting to Avoid Problems & Grow Your Business
- 04-07-21
- Kirsch CPA Group









Selecting the Right Payroll System for Your Construction Business
- 04-01-21
- Kirsch CPA Group















Self-Employed May Be Eligible for COVID-Related Tax Breaks for 2020
- 03-17-21
- Kirsch CPA Group






COVID-19 Relief: Overview of the New American Rescue Plan Act for Individuals
- 03-17-21
- Kirsch CPA Group



COVID-19 Relief: Business Overview of the New American Rescue Plan Act
- 03-17-21
- Kirsch CPA Group



























Opportunity Zone Investments: A Tax Deferral Opportunity You May Have Overlooked
- 02-17-21
- Kirsch CPA Group




































The Status of Temporary COVID Tax Relief Measures After the New Law
- 01-21-21
- Kirsch CPA Group















8 Accounting Practices for a Financially Healthy Construction Business
- 01-07-21
- Kirsch CPA Group









Appropriations Law Adds Some Business Tax Breaks and Extends Others
- 01-07-21
- Kirsch CPA Group



























Contending With the Patchwork of State Requirements for Nonprofits
- 12-17-20
- Kirsch CPA Group

































Employee or Independent Contractor? The Rules May Be Getting Simpler
- 11-12-20
- Kirsch CPA Group









Do the COVID-19 Extended Deadlines for Health Plans Still Apply?
- 11-12-20
- Kirsch CPA Group












Using Remote Workers? Protect Sensitive Company Data from Exposure
- 10-28-20
- Kirsch CPA Group













































What You Need to Know About the Deferral of Payroll Tax Obligations
- 09-15-20
- Kirsch CPA Group









Hobby or Business? How to Treat COVID-19 Sideline Activities for Taxes
- 09-15-20
- Kirsch CPA Group















Monitor These 3 Things as COVID-19 Changes Your Nonprofit’s Priorities
- 08-11-20
- Kirsch CPA Group












FASB Offers Reprieve from Updated Lease and Revenue Recognition Rules
- 07-23-20
- Kirsch CPA Group






COVID-19 Crisis May Affect Tax Angles for Rental Property Losses
- 07-10-20
- Kirsch CPA Group









Last-Minute Strategies for Businesses that Deferred Filing Tax Returns
- 07-01-20
- Kirsch CPA Group









Can Your Business Survive and Even Thrive in These Trying Times?
- 06-18-20
- Kirsch CPA Group






Five COVID-19 Obstacles a Construction Company Needs to Navigate
- 06-12-20
- Kirsch CPA Group












Cash Flow Tip: Postpone Payment of Certain Federal Employer Payroll Taxes
- 04-20-20
- Sue Schloemer


















Tax Filing Deadline Remains April 15 – Payment Due Extended to July 15
- 03-19-20
- John Kirsch










































8 strategies to help you adapt to economic down turn without layoffs
- 02-24-18
- Diane Glover





















Which Research Activities Qualify for the Qualified Small Business Tax Credits
- 07-17-17
- Diane Glover





































