There must be a better way.
By Seth Fineberg
Email has always been an albatross of sorts for firms. Most firms use it as their primary source of communication and are under the belief that they are “secure” if they use encryption. Add the fact that having personally identifiable information on your machine is illegal, which equals one thing: You’re doing email wrong.
MORE FINEBERG: Careful… You May Be Advising! | When Live Events Fail | Getting Real: Accounting Tech Decisions You Need to Make Today | Who’s in Control? You? Or Your Clients? | Time Management Rule #1 for Accountants | Why VC Is a Bigger Threat Than AI
MORE on EMAIL & CYBERSECURITY: Why Business Email is Doomed | The 7 Categories of Cybersecurity Solutions Firms Need | The Why, What and How of Cybersecurity for Accountants | Top Tech Tools for Building Your New BOS Business | Yes, AI Writes Better Emails | SURVEY: Records Management Tops Email Challenges | Three Apps for ‘Inbox Zero’
Exclusively for PRO Members. Log in here or upgrade to PRO today.
Email was never meant to be this nebulous communications zone. Nor was it intended to be a source of truth or document and communications exchange storage. And now, with new data security laws, there are strict controls on how to use email.
Sure, firms have increasingly used portals for security purposes as a clearinghouse for all digital document exchange and even client communications. But we all know getting clients to use your portal consistently is rarely the case and can sometimes seem like herding cats.
So, what can you do to stay compliant and feel like you have some control over data security in exchanging documents and essential information? But you might think, “We encrypt all of our emails.” As mentioned above, it’s not a bad idea, but encryption only works one way, so unless your client is also sending you an encrypted email, it may not have the desired effect.
Some firms have also blocked all attachments, which can be easily done in your email program. The sender receives a simple notice informing them that you are not accepting attachments, and you can then have a link to a client portal in the alert.
But then, another issue arises.
The very nature of messaging these days comes in various forms, from email to SMS. How do you even keep tabs on who sent what, from where, and keep it in chronological order? There are numerous situations where a staffer may be in a line of communication with a client, but then they’re out or often dropped from an email string at a crucial point. It’s on a deadline, or a problem will arise, and you need that communication string to keep track of where a key document or instructions may be.
My point is that relying so much on email communications and SMS from clients or between staff can get messy, even outside compliance issues. For those that use Liscio as their portal, there may be a way around the mess.
Liscio was designed to disrupt email, but firms still want all or nothing, which, as we said, doesn’t exist. Small firms may be able to keep better controls, but as they grow or as you move up the chain in firm size, it gets increasingly more challenging.
Liscio’s new beta Timelines feature allows users to embed Gmail or Outlook inside their app. It then auto-associates client emails with a specific client on the account and places a time and date stamp. So you can chronologically follow the communication exchange. In short, a manager can review the full communication stream without trolling through or asking the client.
The manager can go into the app, pull up a client, and see everything about that client. Effectively, you have a single source of truth.
Because a staffer has that email hooked up with Liscio, it is secure and doesn’t need to be in the inbox. The original email can then be deleted, and responses can be via Liscio, removing personally identifiable information from your inbox or email folder.
The interaction is not all that dissimilar to sharing and commenting on a document in Google Drive. The recipient doesn’t need to worry about security because it’s already in a secure environment. You no longer need to worry about someone missing an important message because they were merely BCC’d or about moving things between email and SMS platforms.
Is this going to stop clients from attaching and sending things to you? No.
But it can be a gradual thing. Like anything new, it can take time. Ultimately, you can train clients and staff to share communications and documents in such a way that keeps you compliant and the data secure.
Sounds like a much better situation to me.
