IT insights for accounting firms.
Practical guidance on cybersecurity, compliance, tax season readiness, and the technology decisions that actually matter for CPA firms. Written by people who understand your world.
Recent Posts
The latest insights.

MFA Bypass: How Attackers Beat 2FA on CPA Portals
MFA isn't a magic shield. Here's exactly how attackers bypass multi-factor authentication on CPA client portals - and the affordable fixes that stop them...

FTC Safeguards Rule for Accounting Firms (2026)
If your firm prepares tax returns, the FTC counts you as a “financial institution” — and the Safeguards Rule has required a written security program since 2023…

CPA Firm Ransomware Statistics 2026
Ransomware appears in 44% of breaches — and 88% at small and mid-sized firms. The latest CPA firm ransomware statistics, and what they mean for your practice…

Boston Accounting Firms: Where You Are on the IT Maturity Scale?
Cyberattacks against accounting firms have surged more than 300% since 2020, according to industry reporting cited by Accounting Today, as criminals increasingly target the financial records, tax filings, and personally identifiable data CPA firms manage every day. If your IT infrastructure is “good enough,” it is already a liability. During tax season, an outdated infrastructure ...

Client Data Retention for Providence Accounting Firms: What to Keep and For How Long
Research shows that up to 85% of stored data is either redundant, obsolete, or trivial. For a Providence CPA firm, this “dark data” is a liability, not an asset. The instinct to keep everything forever feels safe, but every file sitting on an aging server beyond its required retention period represents an expanded attack surface. ...

San Francisco CPA Firm Incident Response Plans That Work
A cybersecurity incident in March is a business-ending event for a San Francisco CPA firm without a plan. Tax season heightens your cybersecurity risk: staff is fully stretched, sensitive data is in motion, and an IT outage directly disrupts business operations, leading to missed deadlines, client penalty exposure, and irreversible reputational damage. An incident response ...

How LA Accounting Firms Stop Business Email Compromise
Business email compromise is no longer a scam you can spot by a typo in the sender’s name. AI-powered impersonation now produces emails indistinguishable from your managing partner’s writing style, your largest client’s CFO, or your firm’s bank contact. Los Angeles CPA firms are high-value targets because you manage wire transfers, tax payments, and real ...

How Boston Accounting Firms Can Build a Simple Technology Roadmap (2026)
Many Boston accounting practices know they need a roadmap, but do not want a 40-page enterprise IT strategy that never improves tax season. What you need is a practical accounting firm technology roadmap that Boston, MA leaders can execute quickly and revisit quarterly. Partners, CFO leaders, and managing partners at Boston LLP firms need better ...

IT Documentation West Palm Beach Accounting Firms Need So Nothing Gets Lost (2026)
In many accounting firms, key IT knowledge lives in someone’s inbox until they leave. Passwords, QuickBooks settings, bookkeeping workflows, backup procedures, and tax preparation procedures are scattered across emails and personal notes. When that person is unavailable, tax returns stall, financial statements are delayed, and client data access becomes uncertain. Cyber risk raises the stakes. ...

Regular Software Updates for Accounting Firms: A 2026 Patch Management Framework
More than half (54%) of organizations say their most recent significant outage cost over $100,000, and 16% report losses exceeding $1 million, according to Uptime Institute’s outage analysis. For accounting firms, that kind of disruption during busy season does not just affect IT. It delays filings, interrupts financial reporting, and puts client relationships at risk. ...

FTC Safeguards Rule for CPA Firms: The Practical IT Controls to Focus on in 2026
Many CPA firms and accounting firms fall under the FTC Safeguards Rule because tax preparation and advisory work qualify as covered financial activities under the Gramm-Leach-Bliley Act. That has been true for years. What changed in 2024 is how exposed weak execution has become. The amended rule requires financial institutions to notify the Federal Trade ...
Showing 12 of 124 articles
Beyond the blog
Ready to talk about your firm?
Schedule a free IT assessment. No obligation. Just a conversation.


