Become a Partner
Back to cases overview

How accountant Erwin Gritter is securing the client and company data of ZMGroep

ZM Groep

‘The emails containing Dropbox documents turned out not to be from my client.’

In practice, the accountant or tax specialist is increasingly more often a confidant than just a financial or tax expert. This is also experienced by Erwin Gritter, an independent tax specialist at ZMGroep for more than 20 years. He notices that the current digital way of working leads to a greater risk of cybercrime. As far as he is concerned, accountants and tax specialists in particular must make it clear that their client and company data are well secured.

We asked him about how he handles confidential data, what cyber risks he sees and how he covers them as a tax specialist. Tax specialists are not IT specialists, but he explained that it is important to make sure things are as secure as possible.

Confidential data of clients

Gritter explains about his work and the data involved: “We provide tax advice and help companies put the right financial structure in place. That means we know the financial dealings of entrepreneurs both privately and professionally.”

He explains that this means a huge responsibility. “First of all, we handle all client data confidentially. In addition, we understand that precisely this data must not end up on the street, because privacy is extra important in this case.”

The world of accountants and tax professionals has changed in that regard. About 25 years ago, everything was just on paper, so you could literally keep that under lock and key, he explains. Nowadays, everything is digital, so that requires a different kind of security. “Moreover, many of our clients experience us as their confidant, for much more than just financial or tax expertise,” Gritter adds.

How do you deal with cybersecurity?

He knows the risks of cybercrime, at least in outline. “You hear stories about companies being held digitally hostage or shut down, of course you want to avoid that. We don’t want to get into trouble with our firm, but more importantly, we don’t want client data to end up on the streets.”

Awareness among accountants and tax specialists is increasing, he feels. He describes how financial data in particular can be a prime target for cybercriminals.

“That’s why I outsourced that to our IT manager. After all, just because I recognize the dangers doesn’t mean I can do anything with them. I regularly ask him how we are doing. I ask him if we are at risk with the way we work, how we cover those risks and if more needs to be done for that.” It is his IT manager who deals with this on a daily basis, alerting him to new risks or when vulnerabilities are imminent.

Digital works easier, but makes more vulnerable

“Digital obviously works much easier and faster, but it also makes us more vulnerable,” Gritter says. He is referring to the extra security required. More time goes into regulations and other peripheral matters, which means that our own profession disappears a little further to the back.

“Basically we do everything online and via e-mail. That’s very user-friendly and convenient, but it also carries risks. As a result, I have to be more concerned with the potential dangers, regulations that apply and solutions that are available.” Laughing, he adds, “Sometimes I still long for the days when everything was just printed on paper.”

Own experience with cyber threat

Asked about his own experience with cyber threat, an incident immediately springs to mind. He describes how threats suddenly arose a few years ago, during an acquisition project for a client.

“We received a lot of emails with Dropbox documents, to go through. Those went mostly to my colleague, but suddenly I was receiving them too. They were legal documents and indeed that is normally my expertise, so that was not suspicious at all.” Yet the documents turned out not to have come from the client. Hackers had managed to hack the client, and sent documents to Gritter from that e-mail address.

Direct inquiries with the company’s own IT manager fortunately learned that no problems had arisen. “There appeared to be nothing wrong for us. Of course, we did become even more careful and secure ourselves even better against such threats.”

He explains how, as an entrepreneur, you need professional solutions for this. “You cannot possibly call someone after every e-mail to ask if he or she has indeed sent the message. That’s the opposite world; it should be much easier to do that with a good security solution. Of course, in the case of this direct threat, we did contact the client to be able to take immediate actions as well.”

Experience with Guardey

Gritter found that solution in Guardey. “I would describe it as important, innovative and developing,” he replies when we ask him about what Guardey stands for to him.

The software helps us keep threats out as much as possible. In addition, the detection alerts us when something might be going on. Our IT manager then deals with that, so as a team we have that well taken care of.”

He also notices that there is a push from industry associations to get started on this. “Both the RB as a professional organization for tax specialists and the SRA for accountants regularly point out the risks of cybercrime. They do so, for example, in their newsletter, in which they point out what is going on and keep companies informed.”

According to him, there is still a world to be won when it comes to cyber threats and proper protection against them. “Socially, we may have a role. We as tax professionals and accountants should protect both ourselves and clients. We are their confidants, both for tax and financial questions and more than that. Good security against cybercrime is then just something clients should expect from us as a minimum.”

Let us help you protect your business

No matter the industry you are in, you just want to focus on what you're good at. So do we. That is why Guardey is there for you.

Request demo

Frequently Asked Questions

What is Guardey in short?

You just want to know what Guardey is, in a few lines, not scrolling through the whole website. We got you covered. Here you are:

Guardey focuses on three parts of your cyber security:

A safe and encrypted VPN connection via Guardey’s secure infrastructure or a Site-to-Site VPN.

We analyze information packages from the data going through the VPN tunnel, give clear insights into your data infrastructure, and provide alerts in case of threats like ransomware, viruses, and irregularities in your network.

Your cyber security is as strong as your weakest link. With Guardey, you can educate your whole team and increase awareness in a fun and efficient way through gamification.

It’s an advanced software as a service with applications for Windows and Mac OSX and an online platform for reporting and managing your teams and company policies.

How does the free trial works?

Your free 14-day trial with Guardey is based on our Basic plan. In our basic plan, all the alarms will only be available for yourself or your own company, and you manage the alarms in-house. We don’t need any payment information to start your trial, and you can invite as many users as you want.

The majority of SMEs don’t have an in-house IT department or a team of cyber security specialists. Therefore we also offer Guardey co-managed and Guardey custom. In both plans, you are able to connect Guardey to a preferred Guardy IT partner or, of course, your own IT partner.

They can semi or fully manage the alarms and the health of your infrastructure so that you can focus on your business.

After your 14 days of the free trial, you can decide if you want to continue with a paid plan. Upgrading during your trial period means you stop your trial and upgrade to a paid plan. You need a verified payment method to upgrade.

How can I pay after the trial period?

We don’t ask for any payment information to start your trial.

If you want to upgrade during or after your free trial to a paid plan, you can use one of the below payment methods:

  1. Credit cards (Visa, MasterCard, American Express, Maestro, PostePay, Cartes Bancaires)
  2. PayPal
  3. Direct Debit (iDeal SEPA)
Can I up- or downgrade to a different plan?

Yes you can! You can always upgrade immediately and costs are calculated pro-rata on your next invoice. A downgrade will be effective from your next payment period.

Want to ask more questions?
Get a personal demo

Get the latest resources & news, delivered directly to your inbox.

Anouk ter Harmsel

Let's protect your business!

  • Try completely risk free
  • 24/7 support
Start 14-day free trial