How LA CPAs Benefit from a Security Threat Assessment

Author: Craig Pollack Date: Apr 24, 2015 Topics: _CPA and Accountant Blogs, Cybersecurity

How LA CPAs Benefit from a Security Threat AssessmentAs an accounting professional, you spend much of your time analyzing your clients’ fiscal stability and providing insights as to their readiness to weather the road ahead.

With your expertise into the strategies which keep businesses afloat, and those which sink them, you can help your client avoid disaster.

A security threat assessment provides your Los Angeles accounting firm with visibility into:

  • Mistakes you might be making in your policies and processes which are putting your firm into jeopardy
  • Gaps in your technology security framework which might lead to data loss
  • Tools which might need to be upgraded or replaced
  • Opportunities for workflow improvements which can lead to better decision making and accountability

Third-Party Assessments

Hiring a third-party consultant to provide an objective perspective on the threats and risks your firm is facing may not be your proudest moment initially. Yet, the disasters you can avoid before they happen might be the improvement your firm needs to stay out of the headlines and to maintain the trust of your client base.

Your client’s data is highly sensitive and is often accessed by many people which have legitimate reasons for doing so. Having a security threat assessment completed can reduce the number of privileged users which access information.

Opportunity for information being compromised decreases in the process. The threat assessment can also include vulnerability scanning of your network to identify areas where you can remediate issues. There may be forgotten patches on applications or updates to operating systems which can make a significant difference to your accounting firm’s security posture.

Possible Threats

  • Are you backing up your data consistently enough?
  • Are only a select group of employees privileged to access corporate information on mobile devices or from their home office?
  • What processes do you have in place when you onboard a new employee or separate from a terminated one?
  • How are you ensuring your client data isn’t walking out the door without your knowledge?
  • What is your policy on USB drives and retaining your information on them?

The good news is, you might be stressing out over threats which are extremely rare or that might have already been solved by a security patch.

Problem Solving

A security threat assessment can give your team peace of mind by developing a roadmap for problem solving based on many successful engagements. Once you have resolved any outstanding issues, you can document the results, and use the results as a tool to demonstrate your firm’s proactive approach to risk and potential vulnerabilities.

Partnering with a threat assessment consultant can also provide credibility to your accounting firm. Getting your customers to have threat assessments done themselves is a great strategy to make sure you protect their interests, which can solidify your relationship and protect their information assets.

There are many circumstances where backdoor vulnerabilities, spyware and malware might be lurking on your network, but you can be completely unaware they exist. A disgruntled employee may have left a vulnerability to take advantage of later or an employee might be carelessly exposing your client data dangerously.

Bottom Line

Having a professional security threat assessment can provide an objective, reasoned approach to forensically identifying problems, instead of acting with emotion or in a panic.

Have you had a security threat assessment done on your information technology infrastructure or related practices and processes? How has your Los Angeles accounting firm evolved from when it was conducted?

Do you see having another such assessment take place in future? Please share your thoughts in the section for Comments below.


And to follow-through on the tips introduced in this article, be sure to download your free guide, 12 Ways for CPA Firms in LA to Utilize Technology More Efficiently.


New Call-to-action


Craig Pollack

Craig Pollack

Craig is the Founder & CEO of FPA Technology Services, Inc. Craig provides the strategy and direction for FPA, ensuring its clients, business owners, and key decision makers leverage technology as efficiently and effectively as possible. With over 30 years of experience building the preeminent IT Service Provider in the Southern California area, Craig is one of the area’s leading authorities on how small to mid-sized businesses can best leverage and secure their technology to achieve their business objectives.