With remote working becoming more prevalent in the professional services sector under the current COVID restrictions, accountancy firms have had to shift their working practices in rapid time.
Under the ‘new normal’ we find ourselves in, firms need ways to ensure their accountants can work in exactly the same way as normal; that they can ensure client data is secure and that they are compliant, amongst other things.
The movement towards agile working will present certain challenges for accountancy firms who require the ability to connect their workforce securely and without sacrificing on user experience – and most important the service level provided.
Let’s examine the landscape in more detail.
The importance of the user experience
At the end of the day, any technology stack that a firm chooses to support remote working, should enable employees who are remote or mobile to carry out their work without any impact on their user experience.
In this way, a seamless user experience results in greater productivity. For example, do your employees complain about tedious re-authentication practices or poor quality video calls that make working outside the four walls of the office a frustrating experience?
The COVID pandemic has seen a huge uptake in video-conferencing platforms such as Zoom. However, Zoom still leaves a lot to be desired.
Perhaps its biggest issue is that it can’t adjust to inferior internet connections – the problem only gets worse as more people join a call. Choose a solution that can deal with this – cheap or free is not the best way forward if you are a professional services organisation. As an accountancy firm, delivering the same service to your clients is paramount – pandemic or no pandemic.
On slow networks and fringe coverage areas you need technology that stabilises applications so they continue working even over bad connections and that can optimise real-time apps (e.g. Skype, Microsoft Teams, etc.) to help workers get their jobs done.
Agile working requires your firm to ensure that your remote workers operate seamlessly and without any disruption to the (client) service that they deliver. There’s little point in having a remorse workforce if your clients are not receiving the levels of service that they rightly expect.
Compliance is key – especially for accountants
Sometimes treated as an afterthought, security should be at the forefront of any remote working strategy.
Firms should be looking to encrypt traffic on unknown or insecure networks – this helps to prevent Man-in-the-Middle (MitM) attacks and accidental data loss – this could include the financial details for a firm’s customer base, a huge nightmare for any organisation.
With people being what they are, don’t leave things to chance. Use a Unified Endpoint Management (UEM) solution to prevent unofficial app downloads – a common distribution mechanism for ransomware.
The official stores are far less likely to contain rogue software. Firms need to enforce authentication using adaptive authority (context-based MFA) or they should look to implement a software defined perimeter – this provides a closed 1-1 connection between employees and the resources they need and keeps potential hackers out of enterprise resources – even in the cloud.
An ideal scenario is for your firm’s IT team to have full visibility of all devices connected to your network, enabling them to address issues quickly.
Another critical area for professional services organisations is compliance. Whether you are more concerned about the punitive damages financially speaking, or the reputational damage to your firm resulting from any breach, it is vital that remote working does not result in a host of compliance issues.
Keeping your client data secure should remain a top-priority for any firm whilst allowing your employees to access internal systems and applications from anywhere, on any network, without fear of compromise.
Maintaining critical access
Firms should look to prevent access to unsanctioned services, such as iCloud, Google Drive or other unapproved file sharing/cloud storage – look to adopt security products that allow your organisation to apply policy even when your employees are working on their own home networks.
Also, make sure that any potential solution includes the ability to provide reputation-based domain filtering, limiting access to high risk content that office-based employees would usually enjoy, for example sites known to host malware.
Consider using role-based access controls to grant selective access to every aspect of the management console including client and server configuration settings, policy management, etc.
If somebody at the firm doesn’t need access to particular information then keep them out – lessens the risk of costly mistakes or an increase in weak spots for hackers to leverage.
Forward planning is a must
One of the many lessons that will have hopefully been learned from the coronavirus pandemic is how all firms need to be better prepared for remote working.
Indeed, we could see a permanent shift in working patterns as companies are forced to embrace remote working and might even find that their employees do not want to return to the office once the restrictions are lifted. And many systems have struggled to cope.
Corporate networks, not used to having a majority of their connections coming in over virtual private networks (VPNs), are experiencing blips, while ISPs have come under pressure to lift bandwidth caps so that remote workers do not get cut off from their employers halfway through the month.
Perhaps COVID has been the inadvertent kick-start to the distributed work revolution, but it might also offer the opportunity for many firms to finally build a culture that allows long-overdue work flexibility. The focus should be on defining the perimeter for devices reaching your organisation across networks you don’t control and or own.
If this situation has taught us anything – it’s all about being prepared.
Achi Lewis is the EMEA Director for NetMotion and over 25 years in IT, Search, Databases and Mobility, having worked extensively with Finance, Government, Emergency Services and the Public Sector.