Better secure than sorry
community. Over the past few years, and
especially the past six months, it has seen a
large spike in its data storage business — par-
ticularly from the CPA channel. Nate Cote,
Kanguru’s vice president of product manage-
ment, noted that his company’s flash drive
has been in high demand. “Essentially if you
are part of a 10-person CPA firm going out in
the field, you won’t have to bug the IT depart-
ment [for passwords or connection], you just
plug and go,” Cote explained. “A splash screen
comes up, you get asked for a password, then
it opens a new drive, drag and drop, you close
it and leave. And if it’s lost, the drive will de-
lete itself if the password is entered incor-
rectly too many times.”
Atlanta-based nuBridges Inc. provides data
security for stored data-like applications, da-
tabase files and for data in transit. “We give
companies a safe harbor by encrypting the
information and securing the encryption
keys to the data, meaning that if the data is
compromised/breached, it’s useless to who-
ever gets it,” according to vice president of
product services Gary Palgon.
Palgon suggested that CPAs should look to
their own application providers for the initial
security of documents, assuming it’s a CPA-centric application and not just, for example,
Microsoft Office documents. For the latter,
they have to utilize other forms of security
on those documents, of which there are a few
vendors and solutions on the market.
Other kinds of data security products on
the market that are gaining popularity include secure e-mail services and file storage
and transfer services like Newark, Calif.-based LeapFile Inc. and Raleigh, N.C.-based
ShareFile, especially for those organizations
that don’t have the I T infrastructure to set up
and maintain secure client portals for secure
collaboration and exchange.
“Organizations must do some upfront
homework, however, to confirm that the
third parties they intend to work with are
reputable and have the appropriate policies,
procedures, steps and certifications to ensure
data is handled confidentially,” said David
Cieslak, principal at Simi Valley, Calif.-based
consultancy Arxis Technology Inc.
He claims that if firms are handling client
data well, it’s not uncommon for clients to
ask for recommendations: “After all, CPAs are
trusted advisors, and if they have done their
due diligence regarding a third-party offering, then clients are happy to take advantage
of their CPA’s perspective and recommendations,” Cieslak said. AT
technews
BY SETH FINEBERG
These fears, coupled with the rise in state
and federal regulations concerning the electronic transfer of unencrypted data — not to
mention the high cost of violating these rules
— have more CPA firms turning to data security software and services for assistance.
The first such law governing the transfer of
unencrypted data was passed in California
in 2003; currently, 44 states and the District
of Columbia have some form of the law that
protects state residents, regardless of where
the data breach occurred. Most states now
provide for a civil or criminal penalty for willful failure to notify a customer of a breach.
Penalties for violating data security rules can
reach as high as $500,000, though according
to the Identity Theft Resource Center, a nonprofit group that assists ID theft victims, the
average cost per record breached is $202.
“Up to 86 percent of U.S. medium-sized
businesses reported a security breach or
data loss in the last 12 months,” said Nichelle
McKenzie, a research analyst at New York-
based technology consulting concern Access
Markets International Partners Inc. “The cost
to these companies is about $7,000 per year.”
nology Professional at Red Bank, N.J.-based
WithumSmith+Brown. Bourke also chairs the
CI TP accreditation board.
Bourke said that WSB strictly prohibits the
e-mailing of private client data to third par-
ties. Instead of taking the encrypted e-mail
route, they chose to establish client portals.
The client portal is a secure and locked-down
site, accessible by clients 24/7, containing all
of their confidential and personal data.
“We’ve seen a tremendous increase in the
volume of data being exchanged between
our clients and our staff,” noted Mark Baker,
Concerns over the safety and security of client data, as well as
their own data, have increased among CPAs recently.
New regs make data security a priority
RED WING ADDS MODULE TO
CENTERPOINT ACCOUNTING
Red Wing Software has released CenterPoint Ratio Module for CenterPoint
Accounting. The Ratio Module allows
users the ability to track and analyze the
overall financial condition and trends of
their businesses over a period of time. A
wide variety of industry-standard ratios
are included to calculate the financial
analysis patterns and the comparisons of
benchmarks in a business. For more, visit
www.redwingsoftware.com.
‘As soon as
CPA firms
understand
the issue,
they will act.’
PKF JOINS DYNAMICS NETWORK
HOUSTON — CPA and business advisory
firm Pannell Kerr Forster of Texas has
joined Partner Power, the global Microsoft Dynamics organization. The Partner
Power organization covers more than 50
countries around the globe, and membership enables PKF Texas to service and
support existing and future multinational
customers. PKF Texas’ top 10 Dynamics
NAV customers are global companies,
and they will now be able to access
services internationally through Partner
Power. Within the Partner Power international network, PKF Texas will be referred
to as Partner Power in the Southern U.S.
For more, visit www.partnerpower.biz.
EDUCATING THE PROFESSION
For the CPA community at large, continued
education on these issues is what’s needed
most, and what technology consultants like
Randy Johnston are trying to do.
“Generally, the clients are not asking the
CPAs for help on this issue, as many of them
already have systems in place to deal with
their businesses,” Johnston said. “As soon as
CPA firms understand the issue, and the po-
tential liability, they will act.”
In addition, in response to growing de-
mand from CPAs, the American Institute of
CPAs, through its IT Section, has been provid-
ing a tremendous amount of content, includ-
ing guidance, best practices, webinars, direct
links to federal and state regulations, and a
continually updated map depicting states
with security breach legislation.
“CPA firms are absolutely concerned and
affected by these rules,” echoed Jim Bourke, a
partner, CPA and Certified Information Tech-
chief information officer at Milwaukee-based
CPA and tech consulting firm Wipfli. “The
real concern and greatest risk lies with the
human factor. Social engineering (tricking
a user into doing something through seem-
ingly legitimate means) or accidental errors
(wrong e-mail address, accidental loss, etc.)
are impossible to foolproof,” he said.
ADP TO ACQUIRE DO2
Payroll giant ADP has agreed to buy DO2
Technologies, a Calgary, Alberta-based
company that provides electronic invoicing software. The acquisition is expected
to help ADP expand its position in the
procure-to-pay market. Terms of the deal
were not disclosed. The Software-as-a-Service technology acquired from DO2
handles the procure-to-pay function, from
purchase order integration and transaction processing to discount management,
approvals workflow, and payment.
CPAS GET SECURE
Data storage companies like Millis, Mass.-based Kanguru Solutions are seeing significant growth in their business from the CPA
NEW RECORDS MGMT. PRODUCT
5280 Solutions has released DynamicRM,
records management software that
integrates with Microsoft’s SharePoint collaborative software. The software is designed to manage electronic and physical
records within a SharePoint framework.
Features include file plan visualization.
For more, visit www.5280solutions.com.
