Next Generation Accountants and Businesses

Understanding the value and application of information technology is the cornerstone of building a successful “next generation” accounting or consulting practice. Professionals are finding that new opportunities to engage with new and existing clients comes from closer involvement with client financial and operational systems. Collecting and analyzing data, integrating applications and automating data exchanges, and leveraging cloud platforms and services is rapidly becoming the next level of “standardized” service offered by many professionals.

The pace of change is increasing, which makes it increasingly important for business owners to wisely select their technology partners and solutions. While many accounting professionals consider themselves to be the business owner’s trusted advisor, their clients often seek advice on increasing efficiency and reducing costs from software and IT consultants instead.

Yet conditions will change and could force the client business to make adjustments that impact the applications and services supporting the operation. Do the solutions in place have the agility necessary to meet changing business needs, being adaptable enough to meet new conditions or orientations? This is where accounting professionals can help their business clients make the right choices to address current and potential future needs.

Even as information management paradigms continue to shift, accounting professionals can help their business clients achieve better business performance and profitability through innovating workflows and increasing process efficiency. Whether or not the existing systems lend themselves to these efforts remains the question, and represents an area where the professional could provide great value.

Accounting professionals should look at services they can provide to clients that have direct and meaningful impact on operational efficiency and resultant profitability.  These areas represent not simply cost and efficiency improvements, but speak to quality of service and sustainability as well, creating better and repeatable outcomes that can support the operation even as operating conditions may change.

Improving data collection and analysis provides the foundation for understanding more about the operation, and delivers the insight required to identify areas where performance might be improved and then to prove the outcome.

Automating data exchanges and imports, eliminating redundant entry and the potential for manual errors, establishes structure in processes which can then be streamlined to deliver consistent and predictable results.

Utilizing cloud platforms and services allows the business to utilize the infrastructure required to support operations while providing a level of affordable scalability that doesn’t push the business beyond its reasonable boundaries.

What this discussion touches on is the subject of digital transformation and what that really means for small businesses and the accounting professionals who support them.

Rather than performing the accounting and financial work as after-the-fact participants, accounting professionals should help their business clients take a new view of processes and activities performed throughout the business, identifying areas where new approaches can be applied to increase efficiency as well as agility, developing a stronger foundation for growth and profitability. 

From the adoption of paperless and electronic workflows to merging social media with marketing and support activities, digital transformation represents an ongoing effort within a business to fundamentally shift from manual processes to electronic exchange, and expanding considerations beyond physical boundaries to include the virtual, as well.

All of this represents new opportunity and enhanced value for the accounting professionals ready to help their clients become “next generation” businesses.

Make Sense?

J

4 Rules of Thumb for Better Mobile Device Security

Security threats are everywhere, lurking in alley ways and around corners and even in your favorite coffee shop. Yet mobility is in demand, and people will use their smartphones and other mobile devices because it’s convenient, even if company policy suggests against it.

This is a big deal for IT and security professionals and CIOs, which is why it took a while for IT to recognize the need to address mobile device security rather than simply deny mobile device use. With data breaches, ransomware attacks, hacks and information leaks happening on an almost daily basis, businesses must find ways to protect their valuable applications and data from loss or misuse while at the same time enabling mobile device use.

The following 4 rules of thumb are not comprehensive but are four essential rules of thumb to help guide business owners in addressing mobility management and security within their organizations.

Rule 1: Make sure there are clear mobile device use policies and support them with ongoing administration and strict enforcement.

I can’t say enough about having good security and mobile device policies and keeping them modernized, relevant, and actually enforcing them. Too many businesses say they have a “security and use” policy in place, yet it is outdated and doesn’t reflect the actual tools or processes currently in use.  Even more frequently a business will develop a policy just to say it has one, but won’t actually train workers or enforce compliance.

Rule 2: Require and enforce strong passwords, manage access in real time, and force password changes with some frequency.

It is essential that all user access to applications or data be controlled at minimum by password-protected logins to the device and corporate resources coupled with periodic forced password changes. Users often prefer to not require passwords or other authentication for device access, but corporate policy should not only require them but also enforce their use.  Also, user access should be managed in real time, meaning that any aspect relating to access should be disabled or revoked immediately upon employee termination or reassignment. Too often these forgotten chores are relegated to after-the-fact IT administration, which allows users to access resources beyond their rightful boundaries.

Rule 3:  Do something to contain the applications and data on the device.

Whether the approach is with containers, cloud hosting, server-based computing or something else, it is really important to try to “contain” the applications and data accessed from the mobile device. Risk is created when users sync data directly to the device’s storage or install applications directly on the device to access corporate data. Password and other security measures prevent unauthorized access, but allowing applications, credentials or data to be stored directly on the mobile device allows those things to interact with other things on the device.  Containers, hosting and server-based computing models keep the applications and data within secured spaces, often not even storing essential items on the device but only accessing them via the device. This allows the business to provide users with the access and functionality they need to do their jobs, but also reduces the vulnerability of applications and information assets.

Rule 4: Keep device software up to date and download fewer apps.

Updating mobile device operating system versions and release levels is important to make sure the device has the most current security patches and threat protection.   Some mobile OSes even have capabilities which can help keep personal and work apps separated.  Limiting the number of apps users can download to their devices should also be considered. Users may randomly download and install applications to their devices with little regard for the quality or security of the app, and often accept terms of use without really reading them. Consumer apps from app stores may pose risks to data and the device, so IT should check regularly for problematic apps if the device is used to access the corporate network, applications or data.

Mobile and wireless are in demand

Just about every business has people who use their phones and tablets for some business use, and every one of those mobile devices and the apps running on them could open the door for a hacker, ransomware, data theft or compromise. While there are many benefits to be gained by enabling remote and mobile devices in the business workflow, unrestricted access only creates risk.

Keeping mobile devices secure for business use takes multiple approaches, as there is no single method or solution that works for every situation. Our 4 rules provide a basic foundation for business mobility management, offering a starting point for developing a more thorough and detailed plan.

Make sense?

J