A certified public accountant working on tax audits on the cloud on a secure laptop during tax season.

5 Data Protection Tips for CPA’s During Tax Season

Tax season is the busiest time for certified public accountants (CPA’s) and hackers alike. While companies wonder how CPA’s can stay safe during tax season, hackers wonder how to get their data. This makes tax season the most critical time for any CPA to protect their client data.

Accounting systems have different ways to secure data, from secure cloud servers to partnering with a Managed Service Provider. With that said, here’s why it’s vital for certified public accountants to secure their data, and why it’s especially crucial during the tax season.

Threats Against Certified Public Accountants

CPA’s must protect their data year-round, especially during the tax season when hackers are most likely trying to breach your system. According to the FBI, hackers are attacking accountants and companies even more since the pandemic started, with more than 4,000 cybersecurity complaints a day.

Hackers are looking for the easiest way to target your CPA firm or company, targeting any area or loophole they can find. Cyber-attacks can happen anywhere and at any time, with different threat levels for various company sizes.

Types of cyber attacks such as:

  • Phishing attacks
  • Malware attacks
  • Ransomware attacks
  • Social engineering

CPA’s must protect their data and devices from hackers, or they may lose their business in the future. Companies need to start finding ways to improve their security, from commercial insurance to a more robust IT security strategy all year-round.

Here are 5 data protection tips your accounting firm can use to protect your data for this year’s tax season.

1. Cybersecurity Education For Employees

CPA firms must educate their employees on cybersecurity. Cybersecurity is an ongoing process, and companies need to ensure that their employees are up to date on the latest security standards.

From simple data breaches to ransomware, companies experience all kinds of cyberattacks. Many of these breaches result from human error, and employees may be the weakest link in your company’s security. You want to ensure that you and your team members can at least identify cyber fraud and social engineering efforts.

For starters, even the most basic education on phishing attacks, malware, ransomware, and encryption should help reduce human errors within the company. As a fact, 91% of all cyber-attacks on accounting firms come in the form of phishing scams. A proactive IT team should be able to help CPA’s to identify such threats and provide much-needed solutions.

When it comes to cybersecurity, most companies are worried about external threats. However, internal threats are a real threat, too. For example, an employee may accidentally delete important information, accidentally send it to the wrong person, or accidentally save it to the wrong server.

2. Passwords Are Not Enough

Passwords only protect one part of the data: the access point. Hackers have many ways to connect to your system, access your data, and take them away from you. This data is not only emails but also client financial information.

Companies’ number one mistake in security is using the same password for multiple systems. Even with a secure password, hackers can still penetrate an insecure database. Additionally, most networks use passwords that are easy to guess, so hackers can easily brute force their way into your system.

Building a secure system goes beyond using passwords. Additional security like authorization keys, granular permissions, two-factor authentication and secure VPN’s are some vital protocols that any CPA must consider.

VPN’s are an entirely different way to secure servers. VPN’s create a secure tunnel for your data, keeping it safe from the outside. SSL VPN’s encrypt the data, which means hackers can’t read it, nor can they breach your system.

With a VPN or cloud platform, your company can log in to any system without worrying about any threats. You’ll also protect your network’s security from outside threats, as well as keep your business’s data safe.

When CPA’s store their clients’ information, they must ensure that it is secure and encrypted; otherwise, they may face serious legal consequences. If you have information kept in the cloud, check that your IT service provider adheres to the proper compliance requirements for protection. Additionally, confirm they have a safety procedures & technology in position to ensure your information continues to be secure.

3. Secure Communication Channels Matter

When CPA’s communicate with their clients, they must make sure that their emails are encrypted, protecting both identities and information. According to the United States General Services Administration, more than 80% of companies do not have encryption on their email.

Data breaches and leaks happen because companies do not encrypt their emails, and criminals can easily intercept them. When you encrypt your emails, you protect both identities and information.

You want to secure your company’s internal communications to ensure that no man-in-the-middle attacks are happening on your watch. Companies need to add a more robust encryption channel, especially when dealing with client information, regardless of client size.

4. Build a Business Continuity Plan

Data breaches and network outages happen every day. Usually, businesses only plan for these threats when it’s too late. Having a business continuity & disaster recovery plan in place should protect your CPA firm from these kinds of data security issues.

Strategic IT security plans protect companies from disasters and threats while following compliance standards. They include backing up your data and ensuring that your information is secure at all times.

Additionally, having a plan protects you from potential lawsuits, as even a minor data breach can incur steep fines, costing your company thousands of dollars.

5. Partner with the Best Managed IT Provider

If you are entrusting your clients’ tax information in the Cloud, you should ensure it remains in secure hands. Naturally, it is your IT department/provider’s obligation to guarantee your information is safe and also available for your team. However, are they doing all that is required to guarantee this occurs?

It is extremely vital to pick a credible Managed IT Services & Cloud provider since you are basically turning over all your information to them. So, besides enhancing your defenses, you should verify just how well-prepared they are to prevent the dangers postured by cybercriminals.

Secure cloud servers are also vital, ensuring secure backups for all your data. Compliance standards like the GDPR and SOC Types 1 & 2 provide a strong enough guideline that CPA’s and accounting firms can follow to help protect client data.

The Bottom Line

Security is never static. CPA’s and accounting firms need to secure their data at all times, whether they’re busy preparing taxes or in the middle of an audit. Having a solid disaster recovery plan in place or adopting IT for Accounting protects your company, your clients’ information, and your company’s finances.

Even the slightest breach can be catastrophic for CPA’s and companies alike. Beefing up your security, not only during tax season, but the entire year, is a crucial process to keep your business running.

If you’re an accounting business owner looking for peace of mind this tax season, Contact Us today for a Free IT Evaluation. Nerds Support will provide all the help and advice we can give to put your business on the path to grow!

An accounting firm considering to accept cloud technology.

Why CPA’s Need Cloud Services To Survive

Cloud Services For Accountants is More Important Than Ever

As a CPA firm you’re going to have to adjust to this new remote reality. No one expected the lock-down, however firms that operated on the cloud had an advantage over those who hadn’t yet or only did so partially.

Many accounting firms learned to understand how the right technology could help them access and review financial information, create reports, manage accounts and more.

There is no telling how or when businesses will open up. Moreover, reopening A CPA firm to its full capacity requires much more than opening the doors, turning the lights on and wiping off the dust from your desk.

It is a gradual process that will require much planning and the transition itself will depend on many factors.

That is why cloud technology has become so pivotal in the last few months. The lock-down put many accounting systems to the test, forcing everyone from individual practitioners to larger firms to operate continually outside of the office.

Firms that migrated to the cloud prior to the lock-down are doing well. Their client data secured in a data center and their applications on a cloud network ready to use. The Accounting industry has been discussing the impacts that would occur as a result of the cloud. Now, it’s no longer a theoretical discussion.

Experts predict cloud accounting to be a permanent feature of any CPA firm. Firms that didn’t migrate to the cloud previously might be asking if it’s too late for them. The answer is a definitive no.

Video Conferencing

Firms that use Microsoft 365 might be familiar with Teams. Teams is one of the many video conferencing applications firms are using to communicate while working remotely.  There are also applications like Zoom, Google hang outs, and Skype. These video tools facilitate collaboration and, with the right cloud service provider, can create an effective remote environment.

Financial services experts and CPA’s are discussing the possibly of permanent remote advising. Remote advisory services was always the direction technology was heading in. However, the lock-down that proceeded the COVID-19 pandemic only sped this transition.

These remote services will only be afforded to firms willing to migrate and adopt the virtual tools necessary to perform these roles efficiently.  That means finding a managed services provider with cloud hosting capabilities that are designed to meet your firm’s needs.

Remote Advising Through The Cloud

Remote advising is the future of the financial services industry. Technology was already in the processes of changing the role of CPA’s towards more advisory positions. With software automating much of the compliance work once handled by an accountant or bookkeeper.

James C. Bourke, a CPA an accountancy technology expert, predicts that if CPA’s are not spending on technology solutions that are accessible remotely, they will be revisited.

“Priorities are going to change on technology spending, once we are all back in the office,” he said in a recent podcast.

Adopting a cloud storage system that can handle any project without downtime can help your business succeed with remote work.

Migrating  Your Firm to The Cloud

Can you migrate mission critical applications to the cloud now? Specifically can you migrate Document, tax, engagement, and practice management to the cloud?

According to Bourke, currently, migrating to the cloud will be difficult but CPA’s should do everything they can to prepare themselves for a cloud migration when we return to normalcy.

That requires firms to research the best cloud providers, checking to see if they have the right security and compliance tools to provide your firm with the proper IT support without failing to meet regulation standards.

Technology disruption and the shifting to more advisory services are creating a professional environment where accountants must offer more valued and diverse skill sets.  However, this also means shifting focus to the client’s specific needs and away from other aspects of your practice like software, cyber security and IT services.

Leveraging the Cloud

If you plan on working as a trusted advisor you need to understand the implications of these shifts and what these tools mean for your firm. It’s not only adopting a cloud solution but adopting one that has the services that benefit your firm the most. Migrating to the cloud is like purchasing a car. Just because it has four wheels and an engine doesn’t mean it will be the vehicle you.

There are many types of cloud providers and every cloud provider has different assets, strengths and weaknesses. There are public, private and hybrid cloud. Different cloud companies like Azure have cloud services but require you to pay an extra fee for support services. Nerds Support’s accounting cloud services utilizes software that complies with SOX and FINRA standards for example.

Other cloud providers like AWS are public clouds with thousands of clients. Their service would be less personal and contacting support is difficult.

Cloud Accounting is The Future

A Survey in The New Jersey Society of CPA’s, revealed that 40 percent of participants expected a decrease in revenue as a result of the COVID-19 pandemic. The development of cloud technology and remote services will work to mitigate revenue loss once properly implemented.

The abrupt switch from in-person accounting services to remote focused work was jarring. Firms were unprepared for the demands of a remote work environment. However, now that industries, not just Accounting, have seen the results of a shut-in, firms will work to eliminate this vulnerability by revisiting cloud technologies and focusing on remote tools.

Managed IT Services Providers expect an increase in demand for public cloud services. Specifically, a an increase in SaaS, industry- focused apps. These include collaboration and other productivity and business continuity tools.

The social shift towards online platforms (VOD, social media platform, and cloud gaming) shift focus towards cloud infrastructure automation/management software.

In other words, cloud environment reliability, optimizing online platforms and the performance of your infrastructure determine the success of your firm in the future. Clients now and in the future will require and request online services.

Make sure your firm stays protected and ready for this new shift.

Cyber criminal breaching federal emergency loan site for access to money.

8,000 Emergency Loan Applicants Affected by Data Breach

The SBA Was Breached

8,000 small business owners who applied for loans from the Small Business Administration potentially had their personal information exposed last month, admits the agency.

The Economic Injury Disaster Loan program (EIDL) offers up to $10,000 to owners currently struggling with their businesses due to the COVID-19 pandemic.

Who Is Affected?

The breach affects people who applied for the EIDL. Traditionally, it was used to aid owner whose businesses were impacted by tornadoes, hurricanes and other natural disasters. Congress expanded it in the $2.2 trillion CARES Act.

Notification letters were sent to 7,913 applicants possibly impacted by the breach and then the letters were posted online. The letters revealed that personal data could have been exposed to other applicants. This data included phone numbers, addresses, dates of birth, income and financial information, and social security numbers.

What’s In the Loan Program?

The Economic Injury Disaster Loan program (EIDL) offers up to $10,000 to owners currently struggling with their businesses due to the novel coronavirus pandemic.

A Trump administration official described the issue to CNBC saying that an error occurred when some owners would hit the back button on a page they would see the information of someone else’s businesses rather than their own.

How Did The SBA Find Out?

According to reports by the Washington Post, the SBA was initially silent on the duration of the breach or about details of its discovery. Businesses that may have been affected were notified by the SBA and offered one free year of credit monitoring.

The Agency said it discovered the vulnerability on March 25 and notified those affected with letters. A copy of the letter was posted by a victim after the breach. The letter itself mentioned that there is no sign of data misuse as of last week.

What’s The SBA’s Track Record?

Business owners have had issues with the disaster loan website before. The site was taken down for maintenance for several hours on March 16, and owners could not apply during that time. On March 29, the SBA revised its application process for the disaster loans and owners had to reapply. Many learned days or weeks later that they needed to reapply.

Business owners experienced issues with the loan website previously. In fact, the site was taken down for maintenance for hours on March 16. This meant owners couldn’t apply for a loan in that time. About two weeks later on March 29, the SBA updated the application process for the loans and owners were required to reapply.

How Much Money Was Allocated?

As of April 19, SBA had approved almost 27,000 EIDL loans valued at $5.6 billion. Another 755,000 businesses received EIDL grants worth a total of $3.3 billion. The Trump administration official told CNBC that 4 million business owners had applied for assistance worth $383 billion—far more than the $17 billion allocated for the program.

Even before the breach the agency website was strained by a flood of applications for the loan that overburdened funding, keeping businesses waiting for weeks to receive money.

Before the COVID-19 crisis small businesses should have been eligible for up to $2 million in disaster loans. Unfortunately, because millions of companies are now seeking assistance,  the SBA had to limit the loans to the previously mentioned $10,000

What are the Risks Now That There Was a Breach?

That being said, the SBA approved nearly 27,000 EIDL loans since April 19. However, the breach raises a problem for anyone looking to exploit personal information on the website for social engineering scams. IBM Securities published research revealing it had seen a 6000% increase in email campaigns impersonating the SMB.

For more information on cyber security, cloud, remote work and more, visit Nerds Support’s blog.


Cloud accounting roller coaster taking passengers down a slope.

The Evolution of Cloud Accounting: Automation and Opportunities for Growth

Cloud Accounting

 Cloud accounting provides enables efficient execution of tasks that cut down the time spent on client work. This also changes the way your services are measured and billed. Accounting should be understood as a consultation job much like with lawyers. You bill via fixed monthly fees rather than hourly.

Cloud accounting automates most transactions for clients. Accountants will progressively move towards accounting software that enhances the customer experience as opposed to the technical work itself.

Statistics show 67 percent of accountants around the globe prefer cloud accounting.

In fact, over the last decade, many industries have been impacted by the sweeping changes introduced by computer technology. For accounting this typically meant finding new ways to remain competitive and flexible without constantly investing in new technology. There are some glaring issues CPA’s are facing, however, and it requires forward thinking to resolve.


Automation is the looming threat that generates anxiety in many within the profession. Data entry is becoming an antiquated practice and streamlining the process by which an accountant works with their clients. In the future, artificial intelligence will organize schedules, make client profiles using available data and redefine the roll of accountants as a whole.
This is not a bad thing, however.

The industry is changing, but this is the fate of most industries as society advances forward, with new technologies and capabilities. Rather than see automation as a plague bringing inevitable ruin to an industry, see it as a liberation from much of the tedious and time consuming data entry and compliance work that holds the industry back from focusing on what really matters: the client.

Changing the Industry

Accountants don’t have to deal with paper tax forms or compile payroll manually. Modern software technology does all that work now.

In more traditional firms, this can be a bit of a culture shock. Graduating accountants are not being taught the fundamentals because that compliance work is done by software.

No system is perfect however, and accounting firms may need to adjust this shift by providing intensive training to all new hires within their firm. Emphasis on accounting principles will be needed for those trained in this new era of online accounting.

Redefining How Accountants Help

The needs of clients have changed as well. People are more independent as accounting becomes accessible and formerly more technical procedures are done online. The rise of investment apps and tax services online will mean fewer walk-in clients, but a rise in more specific consultation work.

Data entry work has been almost eliminated due to automation and cloud implementation. Printing paper checks and manually keying bills are tasks accountants no longer have to do.
It’s an inevitability that a firm reduce their workforce and scale down as technology redefines what work is done by CPA’s and what work is managed by algorithms. As a result, accountants will eventually, if not immediately, need offer specific services to clients like portfolio management and business consultation.

Staff Recruitment

Staff recruitment remains the main issue for CPA firms. This is according to research conducted by the American Institute of CPA’s. Finding competent and qualified staff is the first concern for CPA firms barring solo practitioners.

One of the reasons cloud technology is gaining traction is due to the fluidity of use the cloud provides for accountants. Hosting a variety of applications and even computers through the cloud increases efficiency and productivity through cloud sharing, minimizing the redundant processes that often come from that type of work

Cloud technology offers CPA firms the ability to access files from anywhere from any digital device. It also allows multiple users to work on documents, spreadsheets and presentations simultaneously at any time.

This increase in productivity creates an opening to focus more on staffing and vetting potential hires.

Cyber Security Concerns

Data breaches and cybersecurity concerns for CPA firms and their clients pushed this category into the top five ranking for all firm sizes.
The top issues survey is conducted every two years and results are organized by firm size. This is because smaller firms have different needs and perspectives than larger ones.
Cyber security is not just an important issue because it’s required by compliance, there are sever legal penalties if disregarded. The law mandates a firm be protected and any incident that occurs could mean a substantial fine.

The first and easiest thing one could do is have a secure password. People usually choose a memorable password like birthdays and anniversaries but that’s not always the best option. Something less predictable such as a combination of random letter, numbers and symbols are the surest route to making your data a little more secure.
To hackers, a CPA firm is a treasure trove of useful and sellable data. Cloud technology has advanced since it’s early years and many cloud providers, including Nerds Support offer advanced data security capabilities.

Changing Relationships

Traditionally accountants have focused on compliance and crunching numbers. Experienced accountants don’t tend to deal with this transactional work themselves, they do spend their time reviewing bookkeeping data and filing.

Due to automation and the advent of online and cloud accounting, accountants are performing more quality based work with clients. Accountants are now offering commercial insights by analyzing data via the cloud in a way only certified accountants understand. This allows for identifying important revenue drivers and consider how planning will impact profit.
Time is the greatest asset in any industry and accounting is no exception. 68 percent of accountants think that they could offer greater value to clients if they had more time, according to a study conducted by Xero. This indicates client demand for accountants has not gone down despite advancing technology and online tools.

Accounting Technology Statistics

83 percent of accountants believe understanding technology is as important as understanding accountancy. They understand the important changes brought about by technology and automation introduced to the industry.

Accounting On-demand

Cloud accounting and accounting applications changes the standard of working a specific set of hours at a specific location. Through the cloud, accountants can do remote work, only requiring use of online accounting software. The flexibility made available by emerging technology has altered and continues to alter the industries it impacts.  This is a boon for both businesses and accountants alike. Remote working widens the variety of what can be done and allows for a work-life balance that doesn’t sacrifice family priorities for their position.

This gives accountants full control of how they determine and prioritize importance of work. 75 percent of accountants believe they would be more successful if they chose their own work schedule.
This also means accountants can work on tasks on short notice using high functioning cloud based technology and provide improved an improved customer experience.

Cloud Accounting Disrupts Industries

These huge technological leaps like improved broadband coverage, cloud infrastructure, and adoption of smartphone and tablets is changing what a small business owner is and how they work with accountants.

Business owners are now millennials, aging baby boomers and mothers with free time and side ventures operating from their kitchen tables and living rooms. In order to understand this new breed of business owner accountants are going to have to adopt many of the technologies that drive their clients.

The cloud, like many technologies should not be seen as a trend or a fad, but as a natural progression of how businesses operate. Innovations have their origins in addressing a need and resolving that need. Keeping up with ever changing tax codes, developing technologies and associated costs creates pressure many industries. This pressure in turn necessitates unique solutions and it is up to the industry to recognize a paradigm shift. It’s you job to get ahead of the curb.

To learn more about cloud solutions visit the Nerds Support website, our blog or call us and we’ll answer any questions you may have.