Practice Management Security Is a must In a hybrid environment Read the Article Open Share Drawer Share this:Click to share on Twitter (Opens in new window)Click to share on Facebook (Opens in new window)Click to share on LinkedIn (Opens in new window) Written by Roman Kepczyk, CPA.CITP, CGMA, PAFM Modified Jun 15, 2022 3 min read Recently, I participated in the CPA Consultants’ Alliance (CPACA) foru The CPACA “is a working group of thought leaders united in their efforts to further leadership within the CPA profession,” and consists of 15 of the industry’s leading management consultants focused on improving the accounting profession. During the forum I led, I focused on technology updates that will be useful to CPAs and accountants alike. Below are my key takeaways. Security must be a priority Phishing, smishing (phishing via text message,) and social engineering attacks are getting more sophisticated every day. Between targeted attacks from bad actors claiming to be IRS professionals to the increased potential for a Russian-led cyberattack, how does anyone stay safe? Here are a few ways accounting firms can maintain security: Require all firm employees to attend regular security training. Implement advanced identity management solutions, such as multi-factor authentication. Mandate password rules, such as: Passwords must be at least 12 characters. Passwords must never be reused. Use a password handler to securely store saved, unique passwords (For example: LastPass, Keeper, 1Password and Dashlane). Does your accounting firm maintain its own server? Ask your IT team if they have sufficient resources to maintain their own server. In my experience, a vast majority of firms don’t have enough resources to secure their own on-premises server. Mitigate risk by either: Outsourcing and hiring a professional managed security services provider. Moving your infrastructure to the cloud, where enterprise-level security is already in place. Hybrid work structure is permanent Hybrid work is here to stay. Regardless of the type of work your firm personnel are responsible for, you must ensure that each of them has the tools they need to get their work done, whether they’re in-office, at home, or on the road. What do accounting firm personnel need to securely work from anywhere? Standardized equipment: It’s easier to troubleshoot equipment issues when everyone uses the same equipment. Check out some of the best equipment accounting firms are using in 2022. Digital data: All data should be digital. What’s non-digital data? Non-digital data isn’t located on a computer or server. If you’re still communicating data updates via hard copy, snail mail, or other means, it’s extremely unsafe and leaves your firm, your clients and your personnel open to risk. One theft or flood could spell out the end of your business, forever. So by default, all data should be digital. Digital collaboration must also be prioritized, so all personnel work equally effectively both with firm personnel and external clients. Consistent production processes: Establish workflows and ensure all of your accounting firm employees use these production processes. This improves productivity and makes sure people are equally effective whether in the office, at home, or on the road. The internet: Educate your employees about the dangers of public Wi-Fi. When out and about, the safest way to connect to your accounting firm’s resources is through your phone’s hotspot. At home, make sure that your internet has solid bandwidth to quickly handle your work. Notably, 42% of CPA Firm Management survey respondents said that their firm provided them with a $30-$50/month stipend to help offset the increased cost of Internet data plans. The cloud: Move everything over to the cloud and use a cloud-hosting provider to ensure that your cloud-hosting environment is secure and backed up. Security is more important than ever in our hybrid work environment My two main overarching themes for the presentation were the importance of accounting firm security and how hybrid work is here to stay. Put together, these two themes carry even more weight. Even when we were all in the office, accounting firms were at an increased risk of attack because of the information they maintain. They—we—are the cornerstone of the economy and hold our clients’ most business-critical information in our digital grasps. Nowadays, we’re everywhere. We’re working at home, in the office and on the road—so we must update our security procedures to fit. Hopefully, my overview taught you a thing or two about easy changes to implement at your firm. Editor’s note: This article was originally published by Right Networks. Previous Post Getting your tax and accounting firm ready for retirement Next Post Our 5 best data security tips Written by Roman Kepczyk, CPA.CITP, CGMA, PAFM Roman H. Kepczyk, CPA.CITP, CGMA, is director of Firm Technology Strategy for Rightworks, and partners exclusively with accounting firms on production automation, application optimization, and practice transformation. He has been consistently listed as one of INSIDE Public Accounting’s Most Recommended Consultants, Accounting Today’s Top 100 Most Influential People, and CPA Practice Advisor’s Top Thought Leaders. More from Roman Kepczyk, CPA.CITP, CGMA, PAFM Comments are closed. Browse Related Articles Tax Law and News Annual inflation adjustments for TY24 and TY25 Practice Management Intuit is committed to your success Practice Management Lacerte® Tax spotlight: Karl J. Strube, CPA Practice Management ProConnect™ Tax Online spotlight: Alejandra Matias Practice Management ProConnect Tax Virtual Bootcamp: Jan. 15-16 Webinars Navigating Common IRS Red Flags: Jan. 20 Webinars Pay-by-Refund: Jan. 20 Webinars Practical Security Checklist: Jan. 14 Tax Law and News January 2025 tax and compliance deadlines Workflow tools On the Books podcast: Merry books-to-tax season