Recently, I participated in the CPA Consultants’ Alliance (CPACA) foru
The CPACA “is a working group of thought leaders united in their efforts to further leadership within the CPA profession,” and consists of 15 of the industry’s leading management consultants focused on improving the accounting profession.
During the forum I led, I focused on technology updates that will be useful to CPAs and accountants alike. Below are my key takeaways.
Security must be a priority
Phishing, smishing (phishing via text message,) and social engineering attacks are getting more sophisticated every day. Between targeted attacks from bad actors claiming to be IRS professionals to the increased potential for a Russian-led cyberattack, how does anyone stay safe?
Here are a few ways accounting firms can maintain security:
- Require all firm employees to attend regular security training.
- Implement advanced identity management solutions, such as multi-factor authentication.
- Mandate password rules, such as:
- Passwords must be at least 12 characters.
- Passwords must never be reused.
- Use a password handler to securely store saved, unique passwords (For example: LastPass, Keeper, 1Password and Dashlane).
Does your accounting firm maintain its own server?
Ask your IT team if they have sufficient resources to maintain their own server. In my experience, a vast majority of firms don’t have enough resources to secure their own on-premises server.
Mitigate risk by either:
- Outsourcing and hiring a professional managed security services provider.
- Moving your infrastructure to the cloud, where enterprise-level security is already in place.
Hybrid work structure is permanent
Hybrid work is here to stay. Regardless of the type of work your firm personnel are responsible for, you must ensure that each of them has the tools they need to get their work done, whether they’re in-office, at home, or on the road.
What do accounting firm personnel need to securely work from anywhere?
- Standardized equipment: It’s easier to troubleshoot equipment issues when everyone uses the same equipment. Check out some of the best equipment accounting firms are using in 2022.
- Digital data: All data should be digital. What’s non-digital data? Non-digital data isn’t located on a computer or server. If you’re still communicating data updates via hard copy, snail mail, or other means, it’s extremely unsafe and leaves your firm, your clients and your personnel open to risk. One theft or flood could spell out the end of your business, forever. So by default, all data should be digital. Digital collaboration must also be prioritized, so all personnel work equally effectively both with firm personnel and external clients.
- Consistent production processes: Establish workflows and ensure all of your accounting firm employees use these production processes. This improves productivity and makes sure people are equally effective whether in the office, at home, or on the road.
- The internet: Educate your employees about the dangers of public Wi-Fi. When out and about, the safest way to connect to your accounting firm’s resources is through your phone’s hotspot. At home, make sure that your internet has solid bandwidth to quickly handle your work. Notably, 42% of CPA Firm Management survey respondents said that their firm provided them with a $30-$50/month stipend to help offset the increased cost of Internet data plans.
- The cloud: Move everything over to the cloud and use a cloud-hosting provider to ensure that your cloud-hosting environment is secure and backed up.
Security is more important than ever in our hybrid work environment
My two main overarching themes for the presentation were the importance of accounting firm security and how hybrid work is here to stay.
Put together, these two themes carry even more weight.
Even when we were all in the office, accounting firms were at an increased risk of attack because of the information they maintain. They—we—are the cornerstone of the economy and hold our clients’ most business-critical information in our digital grasps.
Nowadays, we’re everywhere. We’re working at home, in the office and on the road—so we must update our security procedures to fit. Hopefully, my overview taught you a thing or two about easy changes to implement at your firm.
Editor’s note: This article was originally published by Right Networks.