Secure file storage and sharing in your Bookkeeping Business

Having a virtual bookkeeping business means you need a secure way to store and share documents with your clients and your team. In this article we’re going to go over how to use G Suite in your bookkeeping business and best practices for file structures and naming conventions.

But first, I need to be transparent and let you know that some links are affiliate links which means if you buy, I may receive a small commission from the sale. This does not cost you anything. I only recommend products I 100% believe in.

Secure file Storage for your Bookkeeping Business

First off, let’s step back and talk about what’s important to look for in a cloud file storage system and why you need one. No matter what system you go with, it’s important to do your due diligence. This goes for every software app you use in your business, really. Even though I’ve done this for my own firm, you should still take it upon yourself to educate yourself and make the decision for yourself. It’s also worth mentioning, having a cyber insurance policy is a must. Non-negotiable. Make sure your business insurance policy includes this. Also, don’t email sensitive stuff back and forth. Email just isn’t secure enough. Educate yourself and your clients. I still have clients that try to email a lot of stuff. It’s an ongoing education opportunity.

HOW DO YOU KNOW IF YOUR FILE STORAGE SYSTEM IS SECURE?

There are two reports that any 3rd party software provider you work with should be able to provide:

1. SOC 1

2. SOC 2

A SOC, or System and Organization Control report is a report that certain aspects of an organization have undergone audits for security and controls. Each report covers slightly different aspects of the organization, but due to the nature of information we work with as accountants, I would honestly require both reports. Here’s why:

1. A SOC 1 Audit is focused on internal controls related to financial reporting. So if you store data in your file storage system that flows through to your accounting system or affects financial reporting in any way, the SOC 1 is important. Think spreadsheets that contain information used for revenue calculations or depreciation calculations.

2. A SOC 2 Audit is focused on information and IT Security. So this is where data sharing and secure transfer of files comes into play. What steps has the 3rd party software organization taken to make sure my client’s data is secure? Think about all the sensitive information you have on clients and their vendors: Social security numbers, W2s, etc.

For a really great explanation on the differences of these two reports, this is a good article.

So, if you’re still with me, let’s move onto my file storage system of choice: G Suite. It goes without saying, but G Suite obviously checks the box on the SOC 1 and SOC 2 reports. You can request them by contacting support if you are an existing customer or sales if not an existing customer.

G SUITE FOR BOOKKEEPERS

G Suite is pretty robust and even I am not using it to its full potential. There are a lot more features than what I have listed for, but these are the tools I use and I love that it’s an all in one solution:

• Email—even if you don’t yet have your website set up, as long as you know what you want your domain name to be (and maybe even purchased it), you can start using an email address @yourbusinessname.com. The growth of your business has a lot to do with how you present it. If you have a professional email address customized with your domain, it makes you more credible.

• Productivity Suite—this includes Google Docs, Sheets, Slides, and Keep (shared notes), which virtually eliminates the need for the Microsoft Office Suite. Full disclosure here, though, I still use Excel for certain things, and I use OneNote for note-keeping.

• Surveys and Websites—you also get access to form builder and a website builder, in case you don’t have a website up yet. I could see the potential of creating a simple website and intake form on here for new clients until you get something else set up.

• File Storage—using Google Drive, the basic plan comes with 30 GB of storage. The Business plan gives you unlimited storage. You can share folders with others in your organization and your clients. We’ll get into exactly how I use this below.

This list is not exhaustive of what G Suite provides. For more info and pricing, click here. And if you would like a 20% discount code, shoot me an email!

GOOGLE DRIVE FOR BOOKKEEPERS

1. Download the desktop app—this will make uploading files from your computer much easier, creating a drive on your computer’s file system that syncs with Google Drive.

2. Stick to a file structure—within my Google Drive, I have this structure setup:

   • My Drive

     • Clients

       • Client_Name (I use the legal business name & dba if they have one) Example: XYZ SERVICES, LLC dba ABC Heating & Cooling

         • Permanent File—in this folder I keep the incorporation documents, LLC Filings, EIN Letter from the IRS, State Tax ID letters, etc. If you need to know what you should be requesting, download my Onboarding Email Templates here.

         • Client_Name_Shared—I create another folder with a short version of the client’s name and “shared” added to the end. This is the folder I actually share with the client for them to drop files in, and where I store the shared financial reports & other sensitive documents with them instead of emailing.

         • YYYY-MM—I keep a file for each year and month of accounting we do for the client, and when a full year is completed, I create a YYYY folder and move them all over. Anything you use to work on your clients, backup documentation, bank reconciliation reports, etc. all goes in here.

         • Meeting Agendas—this is pretty self explanatory; this is where I store the monthly or quarterly meeting agendas. This post talks about this process in more depth.

         • Planning—if you provide any type of tax planning, goal setting, or budgeting services for your client, those would get their own folder.

         • Anything that doesn’t fall into these categories usually gets left out loose in the client folder. Things like a spreadsheet I use every month for calculating depreciation or amortization of a loan, prepaid expenses, etc.

3. Stick to a file naming convention—however you decide to name files, try to stay consistent. I will admit, I’m not always the best at this, but in general, I use the following conventions:

   • YYYY-MM_CompanyName_File_Name.datecreated—so for a January 2020 financial statement excel file, it would be: 2020-01_XYZ Company Financial Statements_2.15.2020.xls

     • YYYY-MM—I only use this at the beginning of the file for files where the time period matters, like financial statements, bank statements, etc. If the file refers to the whole year, I drop the MM.

     • .DateCreated—I only use this at the end of files where version control is important, or for the date a contract is signed.

4. Enable 2-factor Authentication—this goes for all apps, not just G Suite. Remember that we are entrusted with sensitive data and information. Safe guard that sh*t.

SUMMARY

No matter which file storage system and other software you use, remember a few key points:

• Select a secure file sharing system to share sensitive data with your clients. Don’t email this stuff!

• The company should be able to provide you with SOC 1 and SOC 2 Audit Reports. Do your due diligence in software provider selection.

• Invest in Cyber Liability Insurance for your business.

• Safeguard your client’s data and information as if it were your own (or better).

Remember to email me for a G Suite discount code!