How LA CPAs Use Vulnerability Testing to Protect their Assets

Author: Craig Pollack Date: Mar 27, 2015 Topics: _CPA and Accountant Blogs

How LA CPAs Use Vulnerability Testing to Protect their AssetsWhether your accounting firm has a network of fifty computers or five, knowing whether you have gaps in your network can save your assets.

There are lots of bad guys out there and keeping your client data from leaking out through the cracks in an unpatched infrastructure is as important, if not more, as keeping your office door locked.

Security assessments with vulnerability testing at its core by an experienced security specialist can mean the difference between a profitable, productive year and a whole lot of chaos.

Here are some key benefits your LA CPA firm would get by hiring a professional to do a thorough, yet appropriately scoped, security assessment.

1. Protect Your Reputation

If news of a security breach gets out to your clients, they might bolt to another CPA firm and tell other businesses in your area about your exposures. A Certified Information Security Services Provider (CISSP) can evaluate and find any security gaps in your network and then provide guidance as to how to remediate desktops, laptops, tablets, and servers or any other points on the network.

Once a vulnerability is discovered, additional penetration testing can be done to determine the severity of the gap. Simply put - preventative testing to head off an exposure can safeguard your reputation.

With IT security, sometimes no news really is good news. You can have vulnerability tests conducted confidentially by a professional either onsite or remotely. And should you require firewall tuning, intrusion detection/prevention system upgrades, or other remediation services, you can implement changes with no loss of productivity or system outages.

If you are hacked or suffer a denial-of-service (DoS) attack, you could spend billable time trying to rescue your data or bring your systems back online.

2. Demonstrate Your Diligence

When you have your vulnerability scans done and have fixed any exposures, make sure to get written proof documenting that you’ve gone to the effort of ensuring your network can be trusted. Since there are constantly new malware and hacking methods being created, security is more of an ongoing effort. 

You simply can’t look at things as though you have one test conducted and consider your network permanently secure. Subscribing to a vulnerability scanning service is a good next step. Establishing regular testing is also advisable.

Being declared secure by a security scanning provider is comparable to having the Good Housekeeping Seal of Approval on your network. 

3. Build Lucrative Relationships

Just as a reputable stock broker can help you with strategic investments, building a relationship with the right IT security provider can help you deliver value added services to your clients.

You can provide presentations to local Chamber of Commerce groups, help your clients to remediate their networks, and become a thought leader in areas such as Payment Card Industry (PCI) compliance.

Collaborating on IT security policy preparation is another way you can leverage a relationship with a CISSP expert.

Vulnerability testing by a knowledgeable, certified professional might seem like a costly, or unnecessary expense when your business seems to be running with no hiccups. But this is where no news doesn’t necessarily mean good news.

The trust you maintain among your clients, the health and stability of your network, and the expansion of your own knowledge of IT security is well worth the investment of having these services performed.


What have your experiences been with vulnerability testing and vulnerability scanning services? Tell us about it in the Comments section below.


And to follow-through on the tips introduced in this short article, be sure to download your free guide, 12 Ways for CPA Firms in LA to Utilize Technology More Efficiently.

New Call-to-action


Craig Pollack

Craig Pollack

Craig is the Founder & CEO of FPA Technology Services, Inc. Craig provides the strategy and direction for FPA, ensuring its clients, business owners, and key decision makers leverage technology as efficiently and effectively as possible. With over 30 years of experience building the preeminent IT Service Provider in the Southern California area, Craig is one of the area’s leading authorities on how small to mid-sized businesses can best leverage and secure their technology to achieve their business objectives.