Taking Your Practice Online

From the August 2008 Issue

Stop Driving, Start Working Efficiently
It seems like everything changes when you start working online. Last October, I wrote about Software as a Service (SaaS) and how online applications are the future for accountants and their clients. This month, I’ll drilldown on a couple of new solutions in the SaaS world.

But first, I’d like to share some feedback from a few readers who wrote in response to my article last October (www.CPATechAdvisor.com/go/1760).

One reader wrote: “Anyone who reads Symantec’s latest Internet Threat Report from 9-2007 can easily connect the dots with SaaS. If the channel cannot be secured, it’s not worth putting your company’s data online. All of the security trends are working against SaaS despite the push by banks to convince users that sensitive data is safer online.”

To which another reader responded: “That position simply isn’t true anymore. Where is your evidence for that statement? I did read that Symantec 9-2007 report, and I don’t see the conclusion you seem to. Let’s set aside for the moment that Symantec makes money by selling security protection, and so has a vested interest in making reports like this sound as scary as possible. It’s not that the report data is incorrect, so much as it is presented in a certain way, and that certain topics are left undiscussed. For example, nowhere does the report hint that security risks mean ‘it’s not worth putting your company’s data online.’ Similarly, the report does
not discuss the amount of risk in alternative channel options and how they compare to having the data online.”

These two readers are discussing exactly what the issue has been from the beginning. The issue is security, and whether the great masses will TRUST the Internet with their data. My conclusion is this: ABSOLUTELY yes. And the best evidence is everywhere. If you doubt it, consider that despite the “risks,” every day the masses order from Web stores, shop on eBay and use online banking.

According to AMI-Partners, a leading small and medium business strategy firm, “SaaS isn’t quite a staple for SMBs, but adoption is ramping up. For instance, in 2004, 10% of U.S. small businesses, and 15% of medium businesses used SaaS; in 2007, use jumped to 21% of small and 30% of medium businesses.” (see www.ami-partners.com/ami/default.aspx)

So why do the masses take all of these “risks?” Well, it could be that they just don’t understand the risks. But more likely, it’s because the benefits of the technologies outweigh those risks. Yes, fraud and identity theft are real, but the masses have, for the most part, figured out how to minimize risk while taking advantage of the huge benefits of working with their data online.

That said, you should always check out the company behind the SaaS solution and scrutinize its security policies. Does it have a third-party company that does security audits/reviews? Also, the security of a SaaS solution actually depends on what you are comparing it to. How secure is your own internal network? Are you performing regular backups and taking them off-site? Has a third-party firm performed a security of your own internal systems? The SaaS solution, while adding some additional vulnerability, may be an overall improvement to what many people are doing today.

Anyway, that’s probably enough said about security for now. Despite the risks associated with Web applications, people can realize some huge benefits, from mobility (anytime, anywhere access) to managed IT (the SaaS vendor does everything), scalability and lower overall cost.