With 2012 just around the corner, the JofA gathered the three technology keynote speakers from the AICPA’s 2011 Practitioners Symposium/TECH+Conference to talk about tech trends heading into the new year. The nearly 90-minute conversation covered a wide range of technical issues critical to all CPAs.
Participating in the call were:
- David Cieslak, CPA/CITP, aka Inspector Gadget, a principal with Arxis Technology.
- Randy Johnston, executive vice president of both Network Management Group Inc. and K2 Enterprises.
- Rick Richardson, CPA/CITP, founder and CEO of Richardson Media & Technologies.
Moderating the call were:
- J. Carlton Collins, technology and accounting systems consultant and author of the JofA’s monthly Technology Q&A column.
- Jeff Drew, senior editor covering technology for the JofA.
Following are edited excerpts of the discussion about mobile technology and cloud computing. In the December issue, Part 2 will include excerpts from the discussion on social media, software and hardware, security issues and video. For a longer version of the forum, including an online-only excerpt discussing tech-based revenue streams, and audio clips from the conversation, go to journalofaccountancy.com/tech.
Collins: What will be the most important technology issue for CPAs in 2012?
Cieslak: I really think mobile computing probably has to be one of the most exciting things happening in technology right now—from devices to connectivity, from tablets to cellphones. It really is just pushing the envelope regarding how all of us are doing computing. And so I think it really is going to turn us all on our ear a bit in terms of how we go about doing our day job.
Johnston: I think the biggest return might be in procedural improvements this coming year. There are a number of us who have purchased technologies, deployed them, and frankly aren’t using them very effectively, and over the last three to four years we haven’t spent the right type of (money) on the training and on the procedural improvement.
Collins: Do you have a rule of thumb we should go by in budgeting training for our staff?
Johnston: I would suggest for CPAs in public practice that it’s probably going to be hours beyond the CPE minimum, and most likely you’re going to wind up with maybe another 10 to 20 hours. The rule of thumb is you should get almost a two- or three-to-one investment (return) for every hour you put in on the training. If you buy that type of education in bulk, you’ll probably have about a $600 expenditure to help your staff along that way.
Richardson: I think one of the biggest issues is they’re now throwing around a term called the post-PC era. That is an (era) where the desktop and/or laptop computer, at least for some users, is going to have a metamorphosis in terms of who uses it and for what is it used.
So I would guess that given particularly the next two years, the amount of effort that firms (put) into planning replacement is going to be terribly crucial. And I would just say, go slow. Make sure you’ve got pilot programs to try out some of this new mobile technology to see how it might impact what happens with the next generation of desktops and laptops.
FAVORITE NEW TECHNOLOGY
Collins: What’s your favorite technology that’s new this year?
Richardson: Near-field communication (NFC). It’s in Japan in a big way because they have a unified telephone system, and all the carriers use the same protocol. Here in the U.S., we haven’t been able to do that yet, but what near-field will do is allow users to swipe their smartphone in front of an NFC terminal and pay for almost anything, from a Big Mac to, say, a new suit of clothes. It’s probably going to be at least a year or two before we see near-field communication terminals showing up everywhere, but in the interim, they’re going to start showing up. And as they do, the ability to begin not carrying even the credit card any longer is going to have a major impact on us.
Johnston: I would suggest that the ultrabook is probably my favorite new technology. The idea here is much like the MacAir (MacBook Air) broke into this new space and now has been updated with the MacAir 2. You’ve got vendors—like Asus, with their UX21, and HP—that have comparable-format computers that are about half the price point of the MacAir, pretty much with the same features and comparable fees. So these ultrathin, ultralight netbook, notebook replacements might be high on my list.
Probably second favorite are some of the very lightweight mobile monitors for auditors. Field Monitor Pro is a good example of this. The big names like Sharp and Toshiba also have these monitors, which are about the size and thickness of a typical laptop monitor, which allows you to get to the field with two monitors in very, very little space.
Cieslak: At the risk of being very obvious on this one, I’m going to just go ahead and say the Apple iPad 2. I just think that it’s very much hitting its stride right now, so (I’m) very excited to see not only the device doing well, but all the apps that are springing up around it. And it’s really creating a lot of excitement around technology that, honestly, feels like it maybe has waned in most recent years. And then, to complement that, just some of the high-speed data connectivity options. So specifically, something like the MiFi, which is a 4G device allowing us to do broadband-speed-type communications with any one of our portable devices—laptops, tablets and so forth.
Collins: Let’s turn our attention to cloud computing. Everybody’s talking about it, but the concept’s not really new. It’s been around since the 1970s. We used to refer to it as “time sharing,” when you shared time on a mainframe computer. And since then it’s been called numerous things, like remote job entry, network computing, Web-based solutions, software as a service, and today, it’s called cloud computing. And it seems like with this title that the concept is really starting to take off. Rick, can you tell us what’s the difference now that’s making cloud computing so popular?
Richardson: The first is just how easy it is to use. Most of the vendors that are now providing cloud-based service provide it for collaboration and for synchronization. And in both of those cases, some of that happens literally automatically. That is, mobile devices will sync to the cloud, whatever service they happen to be going to, without the user even having to do anything.
And from a collaboration perspective, one of the ones I like the best in that environment is the new Google Apps. They have literally redefined what collaboration means when two users can be working on a document and actually see the other user make the change on their screen. So it’s pretty incredible in that regard.
The second is not needing anywhere near the storage space we used to need in mobile and semimobile and desktop devices. If you think about it, there are several services the cloud provides, and one of those is storage—the ability to put, as an example from a personal perspective, all of your music and entertainment, your books, all the rest of that stuff in a cloud service, where it’s maintained there. If you have 30 or 40 gigabytes’ worth of music, you don’t have to buy 30 or 40 gigabytes in your player that sits with you remotely. It’s all covered in the cloud, and you can buy a device that’s a lot lighter, a lot less expensive.
Third is the whole issue of the software products that are being offered and operated in the cloud. We call that software as a service, although that definition gets used pretty broadly, depending upon which software company you’re talking about. But products like accounting and tax compliance and planning, they’ve been available in stand-alone modes forever. They’re now available from both known and brand-new vendors with products that offer so much more integration than we ever had before. I think it’s just going to really change the way we work.
Collins: Dave, what’s your take on cloud computing?
Cieslak: I’ll share from a different perspective and talk about some of the benefits of cloud computing.
I would say this is truly taking what we’re doing from an application and a data perspective and truly transitioning it outside our four walls and really giving us the opportunity to have that anywhere, anytime access. So I really think that is a real standout as we think about how the cloud can change how we work and how we go about doing what we’re doing.
Some of the other benefits (include) reduced internal IT costs. All of this is part of a trend that I think that all of us are observing, just this ongoing commoditization of IT. As you look at IT in general, I think consumers and businesses alike are saying, “Do we really need to pay specialists and consultants and so forth?” And so as we think about the network infrastructure, the computing infrastructure and how much of that can be commoditized, part of that is happening through this cloud-computing initiative, or this cloud-computing migration, that’s under way.
Another part of that, organizations have much more predictable costs. It’s a lot easier to—actually it’s frictionless, we’ll say—even to do upgrades, because it’s being upgraded for you in the background. You’ll always be enjoying the latest and greatest versions because the vendor’s taking care of that. So when I log on, I’ll always be using the latest apps. I’ll have access to my data. I’ll know that the data’s been backed up and secure. I don’t have to worry about it necessarily being misplaced if my device is misplaced. There’s no product installation. I literally just fire up a Web browser, and potentially, I’m straight away working with my key applications and that data.
As we’re talking with a number of our clients, and even just kind of thinking through our own internal approach to things, I think the simple reality is, if we were to start in business today, I think we’d all probably agree that it would be cloud-based.
We’d try to do anything and everything that we could via the cloud. And really, I think the only kind of drag on that whole equation, the only thing maybe holding us back a little bit from that, is the fact that many of us have a lot of pretty entrenched infrastructure. So we’re in this transitional window where we’re going to be moving more and more, piece by piece into the cloud. But clearly, the benefits are there, and clearly there’s a lot of incentive and motivation to get there.
Collins: Well said, well said. The thing I like most about what you said, Dave, is—and I’m looking forward to it—when I don’t have to run to the computer store every year or two and purchase new versions of all the products and take time to install them in my system. That’ll be a good day for all of us.
Randy, can you tell us about some cloud solutions that CPAs should be using and maybe explain why they need to operate in the cloud to be effective?
Johnston: There are hundreds compared to the dozens of just a couple of years ago. And I will name some products specifically just as good examples. But let’s start with a pretty sophisticated solution, called ClusterSeven, that actually does spreadsheet controls. That’s one of the top initiatives of technology that was in the survey by the AICPA this past year or so (see tinyurl.com/3wvq3qq). ClusterSeven allows cell-level control of formulas and data not only in spreadsheets, but also in (Microsoft) Access databases and so forth. (It’s) a pure cloud app to get that done and (a) very affordable application for that particular situation.
You’ve got business analytics running in the cloud, which is really also interesting. I’ll pick on BizTools Pro as an example of that. (It) is a QuickBooks-enabled analytics product. But the analytics products run from the small to the large. And, Carlton, probably you as well as anybody know about so many of the accounting software products now available in the cloud, from the entry-level products like Xero or QuickBooks Online on up through an Intacct or a NetSuite or an SAP Business ByDesign. There are a dozen-plus of those products today that are quite effective.
For public practice (readers), Capital Confirmation does a wonderful job of being a software-as-a-service product that handles audit confirmations, and not only, say, cash, but also heading into AR [accounts receivable] and AP [accounts payable], and they’re doing a validation and verification of all small business addresses and so forth. That’s a pretty innovative type of thinking.
Every cloud product I’ve talked about is what would be called, traditionally, software as a service. It’s a product that runs in a browser. It’s multiuser, multitenant, and I typically set a lot of the hosted applications aside, even though they might be marketed as software as a service. So further, you can do tax in the cloud with products like GoSystem RS or document management in the cloud like GoFileRoom, just to name two products that work as a pure task offering.
And beyond that, we could go on and on and on. Probably the best way to think about it is there is probably a fast solution for every business need that you’re looking at today. Some of the weaker ones tend to be in areas like point of sale or manufacturing and distribution, and those will be a little harder for some people to get past. Dave is also spot on right. If you can throw everything out from the past and start off into the future, you would probably solve your business issues with cloud solutions today. But right now we’re going to go through a period where we’ll probably run hybrids—some things in-house, some things up in the cloud—and there will be a transition period. And for some, they will build their own private cloud by keeping the infrastructure internal but mobilizing their (applications) through browsers to tablets, to phones and other (devices).
Collins: What are the top security concerns related to cloud computing, and how should they be addressed? Rick?
Richardson: First and foremost, from the security perspective, is access protection itself, both login and continuous transmission. Most of us are familiar with usernames and passwords and protocols for passwords to provide for the longer they are and the harder they are to discover and so forth. But the other issue that’s just as crucial in all this process is you have a continuous transmission of information that needs to be encrypted itself, and finding out how the vendor is providing that and what level of security is pretty crucial.
One of the other concerns that I always have is (that) the company provides me with all this information about how the data and where the data are backed up. Contractually, I want to also make sure in the agreement I have with them that I own that data and that I have the right to be able to remove that data and bring it back in-house whenever I need to. So I think those are pretty important security issues.
Cieslak: One of the things that we’ve seen in the last few years is many organizations using the AICPA SAS 70 [Statement on Auditing Standards no. 70, Service Organizations] as kind of like their Good Housekeeping Seal of approval and saying, “Our data centers are in good working order. They’re secure.” And that’s been kind of a reach. That’s not really what the SAS 70 statement, the auditing standards, was designed for. So I think it’s important to point out that the AICPA is participating in this process now as well, and they’ve got something new called the Service Organization Control Reports [see “Expanding Service Organization Controls Reporting,” JofA, July 2011, page 46]. And that really is intended to springboard off of some of the good awareness that’s been created around SAS 70, but basically saying, “You know what? We want to create tools and end-user reports that really are more to the point of saying, in fact, this cloud-computing environment is a secure computing environment, and we’re going to give you the standards to measure that against and ultimately report to the end user,” give them confidence that it is, in fact, a secure environment.
So in addition to some of the access controls, as you think about the role of the AICPA, and just having some independent verification that you have a solid computing platform, I think these Service Organization Control Reports are definitely going to be a very good resource for us.
Johnston: If I could jump in on this security topic, one clear risk is large-scale organizations that are providing applications or hosting a lot of different platforms and so forth in the cloud will become security targets. And I think bad guys and hackers will do their best to break into those. We have seen breaches of that nature so far, and I believe it’ll get worse.
So we’d like to have the data encrypted at rest in these big data centers. Only some are doing that. Many are not.
Further, we’re also concerned just about the long-term scalability. In theory, these cloud data centers can be scaled, but there have been a number of cloud applications that clearly run out of scale or can’t scale as expected. So that becomes another one of the issues around cloud.
So I wouldn’t want our (readers) to think, “Oh, cloud is a panacea. Everything’s got to get there. It’s all going to get there.” And maybe it will, but I don’t see it happening very quickly and smoothly because technical people are learning how to work with these applications. And I believe that one of the issues (is) security holes that they’ve got in their applications or in their authentication procedures, which open some of these resources up to abuse issues. Even simple things, like the ability for one company to see another company’s data, which should never happen, unfortunately occasionally can and do happen today.
Drew: What should we look for in the smartphone and tablet markets in 2012?
Johnston: I believe that the touch-screen environments will continue to improve the resolution, and ease of seeing will get better, although any of the Apple products, the iPhone 4 and iPad 2 today and the [iPhone 5], I think they’re quite well done as they stand.
I think we’ll get additional voice recognition capabilities that work better, and we’ve already seen that in the current Android platforms and the iPhone platforms and so forth. We are seeing the first of the multicore, the multiprocessor phones, which give a lot more computing power. And interestingly enough, they’re not burning a lot more batteries to give us a lot more speed.
Something that I think I discussed with the (TECH+ Conference) attendees about three years ago was the virtualization of the smartphones to run more and more things simultaneously. Many of the new tablet competitors for the iPad are truly running applications simultaneously.
Richardson: In terms of the comments that people make about the fact that “it’s great for watching a movie, but I’m not sure I’d do a spreadsheet on it,” I guess I can concur with that, but I also feel very strongly that I’ve actually gotten to the stage now where I’ve taken five trips and the only thing I brought with me was a tablet. Yes, I wasn’t doing much other than email and communicating back to home base, if you will. But I think the laptop got stretched as a device because it was the lightest thing we had at the time. And an awful lot of people are going to find that they can exist just fine with a tablet.
Jeff Drew is a JofA senior editor. To comment on this article or to suggest an idea for another article, contact him at firstname.lastname@example.org or 919-402-4056.
For a longer version of the transcript, including an online-only excerpt discussing tech-based new revenue streams, and audio clips of the conversation, go to journalofaccountancy.com/tech.
- “The iPad Decision,” Oct. 2011, page 26
- “Expanding Service Organization Controls Reporting,” July 2011, page 46
- “Cloud Computing,” Oct. 2010, page 50
CPA Insider articles
- “Security Breach Laws and What a CPA Needs to Know About Privacy,” Aug. 22, 2011
- “Smartphones and Tablets,” Aug. 1, 2011
- “Do Your Mobile Devices Empower Your Business?” July 25, 2011
Sign up for the AICPA’s CPA Insider e-newsletter and view back issues at tinyurl.com/23prhp.
- Practitioners Symposium and TECH+ Conference in partnership with the Association for Accounting Marketing Summit, June 11–13, 2012, Las Vegas
For more information or to register, go to cpa2biz.com or call the Institute at 888-777-7077.
- Privacy/Data Protection home page
- Private Companies Practice Section’s Information Technology page
- Service Organization Control Reports home page
IT Center and CITP credential
The Information Technology (IT) Center provides a venue for CPAs, their clients, employers and customers to research, monitor, assess, educate and communicate the impact of technology developments on business solutions. Members who want to maximize information technology to increase efficiency and boost profits may be interested in joining the IT Membership Section or pursuing the Certified Information Technology Professional (CITP) credential. For more information about the IT Membership Section or the CITP credential, visit aicpa.org/infotech.
More from the JofA: