| |
||
| April 15, 2005 | The
Newspaper of the NYSSCPA |
Vol.
8, No.7 |
The AICPA’s Top Technologies for 2005
By Roman H. Kepczyk
Information technology (IT) continues to have an increasingly important role in how CPAs run their organizations and service their clients. In that light, the American Institute of CPAs created a process to predict those technologies and related issues that will have the most significant impact on how accountants work, with the goal of educating members on those technologies. The following are the top technologies for 2005, with guidance on how those items could impact practices in the year ahead.
1. Information Security: It comes as little surprise that security remains at the top of this list for another year. CPAs control a significant amount of financial information on their networks and this information could be extremely valuable if not protected, so it is their responsibility to do so. Protection begins with proper procedures to lock down data on the network so that unauthorized individuals do not have access. Changing passwords on a frequent basis (six months or less) and utilizing screensaver passwords on workstations are a minimum requirement. The latest security network patches and procedures should be implemented to minimize exposure to the outside, and a professionally installed and maintained firewall is an absolute must for practices. Organizations that do not have the prerequisite skills in-house should work with an external network integrator or organization that specializes in information security services.
2. Electronic Document Management: EDM describes the process by which firms capture, index, store, retrieve, search and otherwise manage digital documents. This is often referred to as the “paperless” office, even though “less-paper” or digital office would be a more accurate characterization. Practices should be capturing information as it is introduced into the organization either through digital faxes, e-mailed documents or scanning of physical documents for permanent archival in a PDF or similar digital format. Organizations must standardize file naming conventions and directory structures, so that it is easy for any firm member to properly name and store a document, as well as find it. Document management applications store these documents and make them searchable by key words; incorporate work flow processes; and include digital document destruction procedures as an integral part of the firm’s document retention policies.
3. Data Integration: Data integration describes the processes by which data from different applications can be connected to get more use from the information or reduce the time spent rekeying it. Within the context of CPA firms it would include the seamless or automatic transfer of client information between practice management, audit engagement and tax applications, so that, for example, a name or address change in one file would flow through to the others. While the databases within the various products may be managed in completely different architectures, the data fields are linked in such a way that changing one automatically transfers and updates the information at the other locations.
4. Spam Technology: CPAs rely heavily on e-mail for communicating with clients and transferring information among personnel. Unfortunately, the volume of unsolicited e-mail, or spam, is clogging e-mail mailboxes and wasting significant amounts of staff time. With the volume of spam increasing and the methods used by spammers to deliver e-mail becoming more sophisticated, firms must implement anti-spam solutions to counter this trend.
For medium to large organizations this most likely will entail outsourcing the initial screening of e-mail to third parties whose primary business is filtering spam. All e-mails for the firm are re-directed to the filtering company, where “blatant” spam and any known viruses are filtered out prior to being delivered to the organization’s e-mail servers. The firm also most likely will choose to have a spam filter in place on its e-mail servers to manage questionable items such as newsletters and industry-specific e-mails, which may or may not be requested by firm members, all with the intent of reducing the amount of spam affecting individual users. For smaller organizations and individual e-mail users, personal spam filters are the most likely solution. Some of these filters rely on lists of known or identified spam senders, key words or other means such as breaching a “score” that is predetermined by client criteria.
5. Disaster Recovery: CPAs today are extremely reliant on their IT infrastructure to service clients. Any loss in the ability to access network resources translates directly into lost profitability, so firms must do all they can to protect their information network. This begins by first ensuring that all data is backed up, verified and stored offsite in a format that is easily accessible in the event of any disaster. The firm should also develop a business continuation plan that outlines the network infrastructure and includes processes to rebuild the infrastructure if necessary. There are a number of templates available through organizations such as the SANS Institute and the AICPA that can assist in this process, which should be coordinated with the organization’s external network support group.
6. Collaboration and Messaging Applications: These applications include tools that allow individuals to communicate and share information effectively in an electronic format. E-mail has become almost universal among business people to converse and transfer information, and its close relative instant message (IM) allows collaboration in real time with minimal system overhead. Messaging applications have evolved to allow users to treat voice mail like any other electronic document and either play them in their native format or convert them to text, depending on the user’s needs.
7. Wireless Technologies: There have been significant strides made in recent years allowing organizations to utilize wireless technologies to be more effective. Within firms, the 802.x or WiFi standard allows for computers to be “untethered” from the network to allow users to move about freely with their computers and still access network resources as long as they are within range (usually 300 feet) of a wireless base station. The speed of data transfer can be as high as 54Mbps for newer systems, but many perform significantly slower than this. This same WiFi technology allows individuals outside of the office to use public wireless access points, often found within airports, hotels and coffee shops, to connect to the Internet to access the firm and send e-mail. While there is still much concern about the security ramifications of utilizing wireless, many firms have been successful in securing their information by utilizing proper encryption and training users on the dangers.
Wireless technologies also refer to digital broadband networks being built similarly to the cellular telephone infrastructure, which allows individuals to wirelessly access their firms from a much broader coverage area. While these solutions are too slow in most markets to work connected directly to the firm, the speeds are increasing and it is only a number of years before any worker who wants to access firm resources can do so from virtually any location.
8. Authentication Technologies: These technologies are defined as the hardware, software, processes and procedures in place to protect a person’s privacy and verify that a person is who they say they are. With the explosion of identity-theft crimes and concerns about protecting information stored in computers, authentication technologies are evolving to counter these threats. While passwords provide a basic form of authentication, they can easily be captured and duplicated, which is not the case with biometric authentication tools such as fingerprint or iris scanners. With time, these tools will be built into today’s equipment to make them easy for even the least technologically astute individuals to utilize.
9. Storage Technologies: As CPA firms transition their information to a digital format, both the size and number of files stored on the firm’s network increases dramatically. This increase in size forces many firms to evaluate different storage technologies as their needs outpace the capacities of their existing infrastructure. While smaller organizations can rely on media such as CD or DVD ROM drives, most will rely on tape systems to make backups and archive data. For those with large archival needs, Internet-based services are evolving to allow firms to store all, or a portion, of their data files, to minimize the actual number of files maintained within the organization. For live maintenance of files on servers, the standard is still RAID drives (redundant array of inexpensive drives), which allow firms to provide redundant storage as well as easily expand their storage requirements. For larger storage requirements, there also are storage area networks (SAN) and network attached storage (NAS). Storage technologies also include mobile storage devices that would include portable hard drives and USB data fobs that are replacing floppy drives, CDs and proprietary data backup tools.
10. Learning and Training Competency: With technology being introduced at an increasingly faster rate, it is imperative that CPAs make a conscious effort to understand and utilize those technologies within their organizations. The best firms have a structure in place to identify the most effective client service processes and standardize them as part of a “learning organization” concept. These firms also have a person who is dedicated to training firm personnel and developing an ongoing learning curriculum to optimize the effectiveness of each individual. In addition to teaching best practices, this individual also is responsible for documenting these practices so that the firm’s knowledge is captured and standardized for all users.
Throughout 2005, the AICPA’s Information Technology Membership Section will issue articles and practical guidance on how top technologies can be implemented within organizations. This guidance will include the names of tools and applications as well as end-user experiences with them. It is important to have at least one member of your organization responsible for staying abreast of top technologies as they evolve, and of how they might best benefit your firm.
Roman H. Kepczyk, CPA, CITP, is president of InfoTech Partners North America, Inc. (www.itpna.com), a consulting firm working exclusively with CPA firms on their internal technology utilization and their transition to a digital or “less-paper” environment.
