Blog

PCG Case Study: Accounting Firm in Portsmouth, NH

advanced it support

Dave Hodgdon, CEO and founder of PCG, talks with John Maher about how PCG’s managed IT services helped an accounting firm in Portsmouth, NH. In this case study, he explains why the firm decided to hire PCG and how PCG helped secure the firm’s network and improve its tech environment.

Portsmouth Computer Group · Case Study – Accounting Firm in Portsmouth NH

John Maher: Hi, I’m John Maher. I’m here today with Dave Hodgdon, CEO and founder of PCG, a managed service and IT provider with headquarters in Portsmouth, New Hampshire. Today, we’re doing a case study on an accounting firm in Portsmouth, New Hampshire. Welcome, Dave.

Dave Hodgdon: Good afternoon, John.

Why the Accounting Firm Reached Out to PCG

John: So, Dave, tell me a little bit about this accounting firm and what it is that brought them to you?

Dave: When we met them, they’re dealing with another IT provider, and they were having some issues during tax season, so they want to look at some options of how they might be able to have some better uptime, John. In the tax world, once the season gets going, there are so many things going on, and they just want to make sure there was a plan in place. So they want to have plans for redundancy, redundant servers. They want to make sure all of their users that needed access remotely had a good secure connection.

One of the biggest things they really, really wanted from us was security from knowing that, especially in the tax world, you have all the information of a company’s financial information, Social Security Numbers. You name it, they pretty much have access to that while doing the taxes. So security was a big part of why they contacted us… they wanted help protecting their client portal.

They also had problems with some of their PC setups, there were no standards. So they use a product called FileCabinet, which a lot of accounting firms do. It was important that these setups were consistent, and what they had was not consistent. They really wanted some guidance, and they felt they weren’t getting that guidance. So that’s pretty much what we came to the table was the background issues.

Why Cyber Security Is Critical for Accounting Firms

John: Right. Is security especially important, like you said? Because not only are you dealing with all of the company’s information, but their customers, all of their tax information, like you said, all of their Social Security Numbers, things like that are probably in their computer system. And so that would be a major problem if that was breached.

Dave: That was probably the number one thing to them because they felt if there was a breach that their name would be tarnished, their business could be in jeopardy. So I think in today’s world, whether you’re an accountant or you’re a  lawyer… because you have a lot of information, knowing those assets are safe is critical, John.

First Three Steps of PCG’s Strategy

John: Okay. So talk a little bit about the strategy that you put in place and some of the initial things that you did to get them up to speed.

1. Network Audit

Dave: Yeah. Like anything, you have to start similar to a builder of designing a house, you have to start with the foundation. So one of our engineers did a network audit. We had to verify what was in place, what was under warranty, how the servers were operational, how many servers were there, what specific applications were in place?

You know, a big thing with accounting software is getting in touch with the software vendor to confirm how things are working, determining how their current backup was working and was it in place for what they wanted, where they want redundancy and no downtime, John, was that in place. So that was the first part, at least you can audit what was in place, because if we’re going to inherit this and they have these high expectations, we need to know, first of all, what they had, we could to support those needs.

2. Security Assessment

Dave: The second part of our strategy was doing the security assessment to really find out what was in place, anywhere from reviewing their cyber insurance, from looking at how users were remoting in, did they have multi-factor authentication turned on, did they have a mobile device, how was the wireless in the office? So getting a good security rep was big.

3. Preparing the Redundant Server

Dave: The third part was that a lot of accounting firms don’t want their servers in the cloud. So they want to make sure their redundant server was ready… so that if server one went down, server two could immediately turn on and there’d be no blips, that they’d have optimal uptime so confirming what was in place could handle that.

Results of the Network, Security, and Server Assessments

John: Okay. Then talk a little bit more about the network assessment and what’s involved in that, and what you found when you did that initial network assessment.

Dave: As part of our goal, our engineers have a checklist of what to look for as they verify the infrastructure. What we mean by that, John, is think of the electrical, the electrical panel, or for the heating side. You have your furnace and how everything is working.

So we want to check the switches where all the wires go through, the firewall, which protects the outside world coming in and also keeps the bad guys out, determining what type of password policies they had in place, how their line of business applications were set up. We want to check the PC setups, how they’re actually logging in, how the licensing keys for all the software worked, and we also went over their basic PC checklist of what they expected. So we want to confirm how they wanted that.

Once we’re able to document that we had enough information to come back to them on what we found did not meet what we call the critical issues list. Based upon what they told us they wanted, we saw some huge voids to get things in place.

Same thing on the security reviews. So we had another person do the security review. We sat with them and went over some of the key questions there and determined some of the gaps to minimize those risks for their clients in their data.

After we did the server review, we determined that the current server definitely was functioning right. But if it were to fail, it wouldn’t automatically work with the existing backup in place. So we came up with a plan of how to handle that.

Creating an IT Strategy

John: Then let’s move on to some of the other tactics that you implemented. Once you came up with the strategy, once you did the network assessment, you figured out all of those things that they needed, what are the things that you put into place for the long term?

Dave: We kind of broke down to two major areas, John, that as the winning vendor, we definitely saw there were projects in place, but the first part, which is the most important to us, is the relationship. So first of all, we had to determine that we are a good fit for each other and put a managed services plan in place.

Establishing a Relationship

Dave: The main thing is what’s in place. This is what we’re going to support you. Here’s how we do it. Here’s how we handle our response times. Here’s how you get access to our team. Here’s how we’ll onboard you. So the first part was really you had to be the stickiness of getting our agents, our tools, our documentation in place.

Putting a Managed Service Plan in Place

Dave: Once we had all that information, that gave us more of the data we needed to actually come up with a plan, John, for the projects. But the most important part is that the managed services plan to get in place.

After we documented our findings, we met with them. This is everything we have. We don’t have information on X or X. Can you help us with that? And they were very helpful in getting us that information.

Improving the PC Set-up Process

Dave: We spent some time with a couple of users on their PC setups to kind of show us, here’s what we do. Here’s some of the issues we’ve had in the past. You know, they do an awful lot of printing. They do an awful lot of shares. You know, in tax preparation, there’s a certain person doing a certain amount of work then someone else is double checking it before it might go to the final accountant. So we wanted to make sure those setups were right from the dual screens, the VPN access was important to us.

Outlining a Business Continuity Plan

Dave: After we completed the server assessment, we determined the server was near the end of its life. It was definitely functioning, but it did not have the redundancy in place and our buzzword, John, we call that a hyper B cluster fail over, that if the primary server went down, the second server would automatically kick on. So think of that in your house, you can have a generator that you have to go out and start manually and pull the lever, or do you have a generator house that there’s a blip that the other one kicks right on. So we want to have a clear, defined server cut over should the main one fail.

And even though you have that in place, there’s still the possibility that the building might not be there or another issue happened. So we actually had to have a business continuity and plan to make sure whatever’s onsite we had that up in the cloud.

Providing a 24/7 Help Desk

Dave: It was important for them that during the tax season and especially that they want the 24/7 schedule for their help desk for the employees. So they wanted coverage, especially during the weekends, during the tax season. They didn’t need it during the summer so we kind of priced it accordingly that they want it 24/7. Granted they work all year long, but they really want that coverage during that tax season.

John: Sure.

Customizing the Strategy for the Clients’ Needs

Dave: After the 90 days, we came back to them and now we understand your network. We understand what you told us upfront with some of the concerns and now came up with some plans that allowed us to give them some direction.

John: Yeah. And it sounds like you really work with a company to try to have your plan fit their needs exactly. Like you said, they needed that 24/7 support during tax season, but the rest of the year, maybe they could just do Monday to Friday during the day or something like that. So you’re able to work with them and come up with a custom plan.

Timing the Work Around Tax Season

Dave: Yeah. The big thing we also determined is in accounting firms, I feel almost all projects happen in the summer. That’s typically the slowest time, because once you start getting October, November, then you get in the holidays. But once January kicks in, you’re reeling… That network needs to be primed, oiled. That thing is just running and you want that to run through May. The accountants are all on full operational mode, that network needs to be where it is. So part of the good thing on the timing this year is when we spoke to them, it was just after the tax season and we were in the summertime where we came back to them for the various projects.

Outcomes of Working With PCG

John: Okay. So tell me a little bit about how long you’ve been working with them now and what the outcome of this project has been.

Dave: Yeah. We’ve been with them for many, many years now. We successfully onboarded them. We have a great point of contact who understands what they’re looking for, a great intermediary for the other accountants for us, very helpful in getting us the necessary information from the vendors and helping us with the setups. As we saw on their servers that their Microsoft email was on premise so we want to get up to 365. So that was one of the projects.

We had to get the dual servers in place tested, running, and moving all the apps, the data over. We had to put our business continuity plan with the backup in the cloud.

There were three to four major projects and you had to time those properly so they could successfully work. So we thought there was no reason to move the exchange from the old to the new. So one of the first things we did is get the exchange from the old server up to 365, so we did that. Then we prep the new servers, John, put them in place. Once those are in place, we had the discussion with our security. We added the necessary stuff for our security protocols.

Once things are in place, we train the staff on how to access our team. They know that every month they will see their dedicated engineer there for their monthly visits. Then our client success manager follows up with them a couple of times a year to make sure how they’re doing. We are always trying to be proactive to understand what ticks, what makes things happen because the ultimate goal for everyone is they’re out there to make money, they just want IT to run. When things aren’t running, it’s not good for them. It’s not good for us. Our goal is to be as proactive as possible with them, and we’ve got a great relationship. The network is a rock solid. We are continuing.

The thing I like most about them is that they are very, very proactive about what they want in security. They’re very eager to learn. How can they make their data more secure? What can we do with the users? Do we need more training? So they’re very up for whatever’s necessary to minimize their risks. So it’s nice to see someone, a business, that takes their IT and their security so seriously. It’s a great relationship and it’s a win-win for both companies.

The Importance of a Point of Contact in the Company

John: You mentioned the point of contact that you deal with. How important is that to have a solid point of contact at the firm or company that you’re working with, and who is that typically at a firm like this?

Dave: It could range anywhere from an office manager to the person that has the most IT skills. Many times it’s the owner. I think it’s very important that this person needs to somewhat understand the culture, what things tick there, how things are happening. It’s very difficult, John, to not have a point of contact in place because you need a person to escalate to.

You need a person to speak to explain here are some of the options. You want someone that whether it’s evening or the middle of the week, and there’s a major issue that they know we’re coming on site. We have all of our point of contact cell numbers, and they know if there’s an issue, we’re going to contact them on their cell phone. But I feel without a point of contact, it’s very difficult to have a great successful relationship.

All of our IT accounts, we have a major point of contact and that’s our go-to person, it could be an accounting issue, could be adding where I hire a new employee. We need some additional equipment. When COVID hit, we need to get Dave. We need to get everything ready for our homes. We need to get some equipment going ASAP. We need help, but we just got this audit. We have this question here. Can you help us with that? So, John, I, that was a great question, but a point of contact is critical to have it work for both sides.

Contact PCG to Talk About Your IT Needs

John: All right. Well, that’s really great information, Dave. Thanks again for speaking with me today.

Dave: My pleasure.

John: And for more information, visit the PCG website at pcgit.com or call (603) 431-4121.