Small-Firm Technology Tips

BY ED MCCARTHY

Increase your competitive edge without breaking the bank.

EXECUTIVE SUMMARY
Telephone systems are moving beyond the traditional hard-wired and expensive PBX. By combining computer and Internet technology with voice calls, a small firm can manage more incoming calls and sound like a larger organization. There are many choices and services in this area. Web-based unified messaging and Voice over Internet Protocol (VoIP) are two technologies that can make a small firm appear to be a much larger organization and confer a competitive edge.

Firms can choose from many data backup options, ranging from on-site systems to Web-based solutions. Consider imaging software that can capture an entire disk’s contents, including the operating system, applications, data and user settings. As in all technology choices, research carefully and get informed help if it’s needed.

One of the biggest issues for small firms is security. Identity theft can be set in motion when a user opens bogus e-mail, and malware can be activated when a user clicks in response to an instruction to see, open or download something from the Internet. PCs in administrator status offer hackers easy access to an office network, but many common programs, including QuickBooks, require administrator status to run. It’s a good idea to reduce the number of office PCs running in administrator status.

Wireless (Wi-Fi) networks that increase mobility are a productivity tool, but Wi-Fi also brings security risks. Enable the strongest available encryption features and MAC address filtering for your office’s Wi-Fi network. Obtain expert help to protect your business against exposure.

Thieves don’t need tech skills to steal an off-site laptop or PDA. It’s a good idea to encrypt the sensitive files on every machine that leaves the office and to limit online office connectivity so an employee who travels can’t lose any sensitive data.

Ed McCarthy is a freelance business writer in Pascoag, R.I. His e-mail address is edmccarthy1@yahoo.com .

ike time, technology is continuously moving on, offering more and more choices as it evolves. So with so much to choose from, how does a small firm decide which technology to adopt for an upgrade? Data security, user-friendliness and reliability are important considerations when making a decision, as is return on investment. Savvy small firm practitioners know you don’t have to have big firm resources to take advantage of the latest advances. Here three of them share a few useful technologies and implementation tips for small firms and sole practitioners who want better IT capability.

Security Problems

About 90% of desktop PCs in the United States are set up with administrator status, which can put those systems at risk.

MESSAGE WITH AN EDGE
Telephone systems are moving beyond the traditional hard-wired and expensive PBX. By combining computer and Internet technology with voice calls, a small firm now can have a sophisticated telecom system at a reasonable price. Two technologies in particular, Web-based unified messaging and Voice over Internet Protocol (VoIP), can make a small firm seem like a larger organization and confer a competitive edge. Carefully research all the options of any new system before introducing it into your office.

Unified messaging systems. Web-based unified messaging systems combine voice mail, e-mail and fax messages in one system so users can access all their messages from a single in-box. These systems are virtual PBX networks; in other words, they are software-driven and don’t require installation of telecom hardware in your office. Users typically can choose a toll-free or local number; callers hear a customized greeting and are instructed to dial an extension or get the directory listings. Several systems support unlimited simultaneous incoming calls.

Each voice-mail box can have its own forwarding number, and some systems offer “find-me” calling that rings multiple phones sequentially or simultaneously in an effort to locate the recipient. If the call recipient doesn’t answer, he or she can retrieve the message by phone or online as an audio file. Most unified messaging programs accept incoming faxes and e-mails and notify the recipient of a new message by e-mail or text message besides.

Monthly costs vary with selected features. Prices and capabilities described here may change, as technology services often do, so think of them as ballpark figures and research carefully. The VirtualOne Premier Local plan from GotVMail ( www.gotvmail.com ) has a base monthly fee of $39.95, which includes an 800 number, a virtual number, 20 mailboxes and 1,000 local-call minutes. The Virtual PBX ( www.virtualpbx.com ) small business plan starts at $12 per extension per month with a base rate of 5.9 cents per minute for incoming local calls.

VoIP. VoIP networks such as Vonage have been gaining popularity among consumers. With this technology, calls travel over the Internet and your data network, so there’s no need to add new phone lines or phones. VoIP also provides a full range of advanced features, including voice mail, call-waiting, call-forwarding and conference calling. Users access their phone system’s settings via the Web and retrieve voice mails by phone or online. Some, such as Skype, are—for the moment—free ( www.skype.com ).

The Vonage Small Business Unlimited Plan costs $49.99 per month, including unlimited calls within the United States and Canada. Calls to other Vonage network numbers—including international numbers—are free. Consumer-oriented VoIP systems are adequate for sole practitioners and home offices, but larger firms should consider business-class VoIP from vendors such as Avaya ( www.avaya.com ) and ShoreTel ( www.shoretel.com ) that run on local-area and wide-area networks. Drawbacks? If the Web goes down or electricity goes out, you have no phone.

CPA Simone Velasquez-Hoover, a sole practitioner in Royal Palm Beach, Fla., uses the Genie unified messaging system from EasyTel ( www.genie.us ). The system asks callers to identify themselves and relays the name to Velasquez-Hoover at the forwarding numbers she provides. If she’s unavailable, the system takes a voice message or allows the caller to page her. Velasquez-Hoover says sound quality varies occasionally, but overall the system’s benefits outweigh that drawback. “During the last hurricane evacuation, the phone system continued to work,” she says. “Even though I was away from the office, I could communicate with my clients, have conference calls and receive faxes.”

DOUBLE YOUR DATA
The hurricanes of 2005 were a reminder of how important it is to back up computer systems, whether by a Web-based solution or an on-site system. Don’t overlook portability—an on-site backup medium under five feet of water in your office won’t do you much good.

External drives . Velasquez-Hoover, who was forced to evacuate her office twice in the past two years, relies on an Iomega 400 GB external drive ( www.iomega.com ; approximate cost: $380) that backs up her PC’s entire hard drive. If she has to evacuate, she can quickly disconnect the drive, which weighs less than three pounds, and take it with her.

Another portable storage option worth considering is the Mirra Personal Server ( www.mirra.com ), which combines backup with Web-based file access. It’s approximately 11 inches tall, 10 inches deep and 5 inches wide—bulky, but still small enough to move easily. It attaches to your LAN and continuously backs up files on any PC connected to the LAN, but does not back up application software or operating system files. It costs about $399.99 for 160 GB of storage capacity; $499.99 for 250 GB, and $799.99 for 400 GB.

Mirra also lets authorized users access files over the Internet. If you are at a client’s office and need a file located on your office PC, you can log on to Mirra’s Web site and server over the secure connection. Once connected to your computer, you can retrieve and upload any files. Mirra uses the Linux operating system, so the device is not susceptible to Windows-based viruses.

Imaging software. If you want to back up an entire hard drive, not just data files, consider imaging software. These programs capture your computer’s entire contents, including the operating system, applications, data and user settings. The software lets you choose a backup location, including a partition on the disk, network drives, RAIDs, removable drives, CDs and DVDs. Prices vary with features: The Acronis True Image 8.0 Corporate Workstation ( www.acronis.com ) version costs about $70; the Server for Windows version costs $699.

Let your backup needs determine the media: DVDs hold several times as much data as CDs, but may need monitoring if disks must be swapped. External hard drives, tapes and Web-based backups can run unattended, but the Web option can be expensive for large backups. If you back up only data files, store software installation CDs in a secure off-site location.

ENHANCE OFFICE NETWORK SECURITY
One of the biggest mistakes firms and companies make is to spend too much time trying to manage external security threats while overlooking the internal risks, says Susan Bradley, CPA/CITP. She is the system administrator and one of seven partners at Tamiyasu, Smith, Horn and Brown Accountancy Corp. of Fresno, Calif., a 15-person firm specializing in litigation support and business valuation. The two most common types of computer crime are identity theft—often set in motion when a user opens bogus e-mail—and malware (malicious software designed to damage or disrupt a system) or spyware, which is activated when a user clicks on something from the Internet, she says. PCs set up with administrator authority give users free rein to visit and download from any Web site or CD-ROM. Setting up PCs in this way contributes to the proliferation of spyware and malware such as viruses, Trojan horses and worms, Bradley says.

Just as flesh-and-blood criminals do, malware chooses easy victims—which administrator status provides. Nonadministrator status, which allows users to Web surf but not to download from the Web, is designed to make it harder for spyware to latch onto a system browser. “Moving users away from administrator status on their PCs is a practice the profession should encourage,” says Bradley.

Bradley suggests that firms use commercially available spyware and malware filters and switch the PCs of employees whose work doesn’t require frequent software updates to regular-user (nonadministrator) status (see “ Resources ”). Bradley switched about half the PCs in her firm to nonadministrator mode, though that did cause other problems, she acknowledges. The problem with many programs, including the ubiquitous QuickBooks, is that they require administrator status to run, she says. “Software companies don’t really consider what that asks of you.”

Bradley suggests running a search for “administrator status” in the Windows XP Help and Support Center in order to read “Why you should not run your computer as an administrator” to learn more about the security risks. There’s also useful information at http://blogs.technet.com/jesper_johansson/archive/2005/11/30/415328.aspx and http://www.thechannelinsider.com/print_article2/0,1217,a=166172,00.asp .

PROS AND CONS OF WI-FI
Wireless networks continue to gain acceptance as a productivity tool, both inside the office and on the road. Wi-Fi can be a lifeline: Turn on a laptop or personal digital assistant (PDA) equipped with Wi-Fi, find an accessible signal and you’re ready to go online. McQuaig and Welk, PLLC, in Wenatchee, Wash., is a two-partner, nine-person firm that specializes in management consulting. CEO John McQuaig, CPA, says the niche requires lots of travel, public speaking and training—all situations for which reliable technology is crucial. Virtually all his staff use wireless-equipped laptops, and staff members who travel employ Wi-Fi extensively on the road. There are dangers, however.

Wi-Fi exposure. A downside of Wi-Fi flexibility is that wireless networks create security risks because a signal doesn’t stop at the perimeter of your office. Depending on the signal’s strength, occupants of offices near yours—or even cars in a nearby parking lot—may be able to pick it up. The odds of a hacker using that signal to break into your network are small, but the threat to data security is genuine.

Public hot spots create more vulnerability. With certain equipment, hackers can intercept unencrypted data flows—a practice known as “sniffing”—and record the transmission. Thieves can capture a user name and password from a nonsecure connection. “Evil twin” hot spots are another way to intercept transmissions: To block the genuine signal, the hacker sets up a Wi-Fi base station in proximity to a public hot spot and generates a stronger signal than the legitimate access point. Users inadvertently sign into the rogue network, which then can capture unencrypted data.

Network safety. To protect data so only authorized machines can access the signal, McQuaig’s office network uses WPA encryption and MAC filtering. The firm outsources the management of its system to Clear Focus, a technology company also in Wenatchee.

“We had an in-house systems manager, but the internal demands to keep current were too great for a firm our size to support,” McQuaig says. Because the firm had developed a comfortable relationship with Clear Focus from working together on a number of installations, McQuaig hired the consultants to take care of the firm’s system support at a cost of about $150 per laptop workstation per month.

Other problems and solutions. To get a Wi-Fi signal you must be close to an access point—within 300 feet for most public hot spots. If you need secure wireless Internet access from locations that lack convenient hot spots, cellular networks data systems may offer a solution. Sprint and Verizon Wireless provide high-speed EV-DO wireless access in a growing number of U.S. cities and airports. EV-DO, where available, offers average data transmission rates of 400 to 700 Kbps. Cingular’s EDGE network, also widely available, has an average speed of only 70 to 135 Kbps. All the networks offer lower-speed connections in areas where high-speed connection is not available.

The data plans cost from $60 to $80 per month for unlimited data plus a voice plan. You also will need a wireless modem card for your laptop, which costs $100 to $250, depending on discounts and the length of the contract. Insist on having the strongest available encryption features and MAC address filtering for your office’s Wi-Fi network.

Practical Tips
Let your backup needs determine the media. DVDs hold more than CDs, but require more attention. If you back up only your data files, make sure you store software installation CDs in a secure off-site location.

Don’t overlook the risk of theft to mobile devices. Install passwords and encrypt sensitive data; have backup arrangements for laptops and PDAs.

Business users may find VoIP call quality inadequate. Try any system before committing to it.

If you choose to go wireless, install network monitoring software and require all staff members to use a secure access service.

THEFT, A CHRONIC WORRY
The biggest risk to your data is not from Wi-Fi. Thieves don’t need tech skills to steal an off-site laptop or PDA. Use passwords and encrypt the sensitive files on every machine that leaves the office to prevent snooping—or you can achieve security by prohibiting data storage on off-site computers altogether. When a Tamiyasu, Smith, Horn and Brown staff member traveled to a high-risk area in Southeast Asia, “we limited his online office connectivity to Microsoft’s Remote Web Workplace, part of the Windows Small Business Server 2003 program,” Bradley says. The laptop was able to receive only screenshots. All underlying data stayed on the server at the office. “If someone had stolen the laptop, I’d have been aggravated about replacing it, but we wouldn’t have lost any sensitive data,” she notes.

If you choose to go wireless, install network monitoring software such as AirDefense ( www.airdefense.net ) to track and deter intruders. Require staff to use a secure access services such as Jiwire SpotLock ( www.jiwire.com ), HotSpotVPN ( www.hotspotvpn.com ) or GoToMyPC ( www.gotomypc.com ) when going online through an unencrypted hotspot. Don’t overlook the risk of theft to mobile devices. At a minimum, install passwords and encrypt sensitive data.

GROW YOUR OWN WAY
Technology changes constantly and the number of tech tools is too big to cover comprehensively in one article. New sources of products and new suppliers appear every day. But don’t make that a reason to put off upgrading your system. Decide what technologies will best serve your needs and take a step forward. The solutions here have attempted to address the enterprise needs of a small firm that seeks to minimize risk to data, improve staff mobility to better serve clients, and improve owner mobility to better oversee the business and to manage costs.

 
AICPA RESOURCES

Conference
TECH 2006: The AICPA Information Technology Conference
June 12–14, 2006
Hilton Austin
Austin, TX

CPE
Information Security: Critical Guidance for CPAs in Public Practice and Industry (# 732450JA). To register or to order, go to www.cpa2biz.com or call the Institute at 888-777-7077.

OTHER RESOURCES

Brand links
These will take you to information about specific products.

SPONSORED REPORT

How to make the most of a negotiation

Negotiators are made, not born. In this sponsored report, we cover strategies and tactics to help you head into 2017 ready to take on business deals, salary discussions and more.

VIDEO

Will the Affordable Care Act be repealed?

The results of the 2016 presidential election are likely to have a big impact on federal tax policy in the coming years. Eddie Adkins, CPA, a partner in the Washington National Tax Office at Grant Thornton, discusses what parts of the ACA might survive the repeal of most of the law.

QUIZ

News quiz: Scam email plagues tax professionals—again

Even as the IRS reported on success in reducing tax return identity theft in the 2016 season, the Service also warned tax professionals about yet another email phishing scam. See how much you know about recent news with this short quiz.