CPAFMA concluded the 2015 Technology Fly-In on November 11, 2015 presented by industry leaders with a focus on CPA Firm Technology Best Practices, Network Infrastructure, and Security Best Practices. CPAFMA Advisory Board Member Roman H. Kepczyk presented “CPA Trends: Strategic IT Response” and the “CPA Digital EcoSystem”, Security Expert Eric McMillen presented "Your Security Response,” and Xcentric COO Christian James presented an update on today’s “IT Infrastructure/Data Center.” Below we have summarized the highlights from each program designed specifically for accounting firms.
CPA Trends: Strategic IT Response: Security continues to be a primary concern for partners and Roman suggested that all firms mandate an annual review of their personnel/security policies and provide mandatory training on how to minimize the firm’s security exposure. He found that firms are once again investing in technology and recommended firms invest in solid state drives, faster i5/i7 processors, at least 8Gb or RAM for all new workstations, and to invest in oversize monitors with higher 3K and 4K screens to replace older screens and to optimize the eventual transition to Windows 10 in 2016. Remote access best practices built on cloud technology and 4G cellular provided the ability to work any place and any time were becoming ubiquitous so firms were encouraged to re-evaluate and update their systems. Ergonomic considerations were highlighted as many firms started adopting standing desks. The group noted the increase in mergers and acquisitions and Roman shared the key ramifications of making them successful from an IT perspective based experiences facilitating firms in the past year. The session concluded with tips on optimizing best practices by proactively creating a learning culture so they could be consistently and efficiently adopted.
Your Security Response: Leading security consultant to CPA profession Eric McMillen started with highlighting his top five CPA firm vulnerabilities: employees, unsecured mobile access, cloud storage applications, third party providers, and malicious attacks. Employees are responsible for approximately 2/3 of security breaches, including social engineering which consisted of not only phishing and pharming emails, but also physical breaches such as walking in with a FedEx shirt bought from eBay. This points to the need for firm personnel to check IDs and escort strangers to their end location in your office. Eric stated that while many firms do well on the infrastructure basics, they often miss mitigating human factors. Firms should consider doing credit checks on employees even after hiring, as individuals can get into financial difficulties which could make them desperate enough to commit fraud and sell off internal data (client profiles). Eric also pointed out the importance of locking screensavers and secured passwords as people that are going to commit a crime would want to do it on someone else’s login to minimize their exposure. From a network perspective, firms can mitigate a lot of hacking attacks by blocking emails/contact from overseas servers (in countries that you don’t have clients).
CPA Digital EcoSystem: The transition to a “paperless” environment has not been smooth for some firms and Roman shared the roadblocks that firms ran into and why many of the firm’s adopted processes that need to be looked at with a fresh set of eyes taking advantage of today’s applications and hardware. The tenants of Lean Six Sigma (LSS) were applied specifically to CPA Firm tax, audit and administrative production processes and key tollgates were identified including discussing ways to measure improvement and hold personnel accountable to the new procedures. Roman then walked through specific improvements he has identified with his LSS consulting in firms this past year and tied out best practices to findings of the 2015 CPAFMA Paperless Benchmark Survey. Roman also shared updates and announcements from both the Thomson Reuters and WoltersKluwer/CCH User’s Conferences, which were held the week before the CPAFMA Technology Fly-In.
IT Infrastructure/Data Center: The second day of the Fly-In was focused entirely on internal IT infrastructure, disaster recovery, and managing IT staffing which Christian James walked through from both an internal and outsourced perspective. Firms were once again investing in infrastructure and utilizing a hybrid of on-premise and cloud providers with more considering Office 365, particularly for Exchange/Email. He found that the transition to VMware for server virtualization was much more stable than experiences with CitrixZen and Microsoft HyperV. He also found that from a private cloud perspective that limiting the number of users for virtual servers to under ten users significantly improved production compared to configuring virtual servers with more RAM/Processor to be able to handle fifteen users and the importance of configuring an extra server to handle capacity and any system failures. The group discussed that rebooting servers nightly measurably improved end user functionality and walked through network specific tools including resources from WoltersKluwer/CCH and Thomson Reuters to resolve specific application issues (and workarounds) they found effective.
Conclusion: The Technology Fly-in provided a unique opportunity for IT Partners, network administrators and industry experts to network and specifically ask questions to identify and share best practices to help improve their firms.
The next Technology Fly-In will take place in conjunction with the 2017 National Practice Management Conference. A series of MAPCasts conducted by the leading technology consultants will take place in the fall of 2016.