rAuditpcasonline.org/Files/PDFs/PCAS_Draft_WFH Policy-2020Jun01... · 2020. 6. 1. · CA. Sujit...
Transcript of rAuditpcasonline.org/Files/PDFs/PCAS_Draft_WFH Policy-2020Jun01... · 2020. 6. 1. · CA. Sujit...
MAY 2020
PUNE CHARTERED
ACCOUNTANTS’ SOCIETY
Page : 2 MAY ‘20
PUNE CHARTERED ACCOUNTANTS ’ SOCIETY
Publication Contributors PCAS Committee
CA. Shirish Deshpande CA. Dinesh Gandhi, President
CA. Deepak Sugandhi CA. Abhay Bagmar, Vice President
CA. Anand Pansare CA. Shirish Kulkarni, Secretary
CA. Sujit Mehta CA. Neelesh Khandelwal, Member
CA. Karan Chandwani CA. Dhananjay Barve, Member
Technical Review - Mr. Avinash Gokhale
Legal Review - Mr. Vivek Sadhale, LegaLogic
PLEASE SHARE YOUR FEEDBACK ABOUT THIS PUBLICATION AT
Disclaimer:
This publication is prepared for use by Pune Chartered Accountants’ Society for use by Chartered Accountants in their office as a general guideline for
upgradation of information technology and implementation of Work from
Home Policy on the backdrop of spread of CORONA pandemic. This is not a complete solution or protection for all the environments. Users need to take
appropriate professional help wherever necessary. This policy needs to be implemented with appropriate modifications for use, depending upon
individual specific requirements. Reference to any product name of a brand is not endorsement of that product. It is to bring to the attention of readers
starting points for their search for the most suitable solution. Various suggestions given here are informatory in nature and either the PCAS or
contributors to this publication do not carry any responsibility whatsoever. Further this publication is the property of the Pune Chartered Accountants’
Society and its copyrights belong to it. Further the products mentioned and prices quoted here are only informative and there is no intention of any
advertisement or marketing.
* FOR PRIVATE CIRCULATION ONLY *
TECHNOLOGY UPGRADATION & WORK FROM HOME POLICY
MAY ‘20 Page : 3
INDEX OF CONTENTS
Section Particulars Page #
Preface 6
Scope 8
Definitions & Acronyms 8
IT Infrastructure 12
1 PHYSICAL RESOURCES 12
1.1 Office Deskspace 12
1.2 Seating Arrangement 12
1.3 Server Configuration 12
1.4 Desktop PC 13
1.5 Thin Client Architecture 13
1.6 Firewall / Proxy Server 13
1.7 Printer 14
1.8 Scanner 15
1.9 Broadband Connection(s) 15
1.10 Router 15
1.11 Network Attached Storage 16
2 INTANGIBLE RESOURCES 17
2.1 Server OS 17
2.2 Desktop OS 17
2.3 Office Applications 18
2.4 Email Client 18
2.5 CRM 19
Page : 4 MAY ‘20
PUNE CHARTERED ACCOUNTANTS ’ SOCIETY
2.6 VPN Services 19
2.7 Remote Desktop 20
2.8 Own Website Hosting / EMail Server 21
2.9 Portable Apps 22
2.10 Audio Visual Communication 22
3 VIRTUAL (CLOUD) RESOURCES 23
3.1 Hosted Website 23
3.2 Email Server 24
3.3 Chat Messengers 24
3.4 Workflow Management Software 25
3.5 Video Conferencing 26
3.6 Password Managers 29
3.7 Online Audio & Video Content 30
4 ECOSYSTEM PARTICIPANTS 31
4.1 HR Best Practices 31
4.2 Communication and Syncing with Clients 32
4.3 Service Providers 33
5 POLICIES & PROCEDURES 34
5.1 DRP & BCP 34
5.2 Backups 36
5.3 Email Backups 37
5.4 Data Security 38
5.5 ISO 40
5.6 ICAI - DCMM for Professional Accounting Firms - Version 2.0
40
TECHNOLOGY UPGRADATION & WORK FROM HOME POLICY
MAY ‘20 Page : 5
6 WORK FROM HOME 41
6.1 Human Resource Skills 41
6.2 Data storage 41
6.3 Equipment 42
6.4 Internet Connectivity 43
6.5 Data Security 43
6.6 Communication & Updations 44
6.7 Backup 44
6.8 Drafting of Work From Home Policy 44
6.9 Other Important Points 45
7 REGULATORY ASPECTS 46
7.1 Client Consents 46
7.2 Information Technology Act 2000/2008 47
7.3 Copy Rights Act 1957 49
ANNEXURES
I Hardware & Software prices 51
II Freeware Utilities 52
Page : 6 MAY ‘20
PUNE CHARTERED ACCOUNTANTS ’ SOCIETY
Preface The current Covid-19 pandemic has brought the world to a grinding halt. More so
in India, where the government decided to take proactive measures & announced
lockdowns much before most of the countries. This crisis has brought to fore an
unprecedented situation for all us professionals. Most of the firms were
unprepared for the situation & their professional engagement work was brought
to a grinding halt. Fortunately, due dates for most of the compliances were
postponed, but still there are many other engagements which need to be attended
to despite lockdown. Even after lockdown is lifted gradually, closure of office is a
persistent threat. If any one person in office or even a visitor to office is found to
be infected, the office has to be closed for a quarantine period of minimum 14
days or as may be declared by the Government from time to time. Chartered
Accountants & their staff are twiddling thumbs in their homes. The situation could
have been mitigated to a large extent had the firms had geared up for the
eventuality beforehand. Upgraded Information Technology (IT) infrastructure was
the magic bullet which we have failed to bite over the years.
Sensing the despondency prevailing in the fraternity, Pune Chartered Accountants’
Society (PCAS) conducted an online survey & organised a video conference to take
stock of the situation & views of the Chartered Accountants. In the course of this
deliberation it was decided to form few groups to undertake certain tasks. As a
result this group was constituted to formulate a “Technology Upgradation & Work
from Home (WFH)” guidelines. Further it was felt that some discussions on various
IT infrastructure is also needed, only then WFH guidelines will be meaningful.
Hence an attempt has been made to make this publication a comprehensive guide
for CA firms to upgrade their IT infrastructure to be in sync with needs & at the
same time such endeavours are cost effective. These guidelines have been
prepared keeping in mind three major stakeholders i.e. Chartered accountants
office and the proprietor or partners, staff including articles and lastly but most
importantly, the clients.
Pune Chartered Accountants Society is extremely thankful to this particular Study
Group headed by CA Shirish Deshpande and consisting of CA Deepak Sugandhi as
convenor and CA Anand Pansare, CA Sujit Mehta, CA Karan Chandwani as team
members, for the pains taken in coming out with this publication. We are grateful
TECHNOLOGY UPGRADATION & WORK FROM HOME POLICY
MAY ‘20 Page : 7
to Shri Avinash Gokhale for the technical review and Adv. Vivek Sadhale for legal
review of this publication. We are also thankful to the members of the Managing
Committee of Pune Branch of WIRC of ICAI led by CA Abhishek Dhamne and our
regional council members from Pune for continuous support. At the end we must
express our gratitude towards CA (Dr.) S. B. Zaware, past CCM and CA
Chandrashekhar Chitale, Present CCM for their constant guidance and words of
encouragement, not only in coming out with this publication but also for
revamping the activities of Pune Chartered Accountants’ Society.
We take this opportunity to appeal to all the members to become members of
Pune Chartered Accountants’ Society and to involve in its functioning. Application
Form for membership has been made available online at
https://bit.ly/PCASmembershipForm.
We are sure that this publication will be of immense use to our professional
colleagues and they will be able to manage their work flow efficiently and
effectively with the help of this publication.
Pune, 30th May, 2020. CA Dinesh Gandhi
President, Pune Chartered Accountants’ Society
Page : 8 MAY ‘20
PUNE CHARTERED ACCOUNTANTS ’ SOCIETY
Scope The scope of this publication is to raise awareness about all the possible IT based
solutions to facilitate remote office setup. This publication in no way endorses any
particular software/hardware which are reviewed/discussed herein. All reviews &
analysis are to bring basic awareness only & not vouch for performance of the
solutions in stated manner. The objective is to improve tech literacy & not to
impart tech education. Readers should do their own analysis of suitability of
published solutions either on their own or with help of domain experts. Though
intent was to primarily address WFH issues, it was realised that the entire gamut
of IT infrastructure needs to be considered to have a coherent IT policy. Hence
many other issues relating to IT are covered in this publication to broaden the
knowledge horizon. Further this publication is not generic in nature. We have tried
to share names of the products, especially free & open source, so as to provide a
base to start taking an informed decision on a particular solution.
Definitions & Acronyms ⚫ ADF : Auto Document Feeder - system in printer or scanner where multiple
pages can be loaded at a time for copying or scanning.
⚫ Adware : Software that has advertisements embedded in the application.
There is no price for software usage.
⚫ BYOD : Bring Your Own Device - devices like laptop, tablets, etc. are
brought to the office by employees. Assets are owned by employees which
are used in office or connected to office infrastructure remotely.
⚫ CAL : A Windows Server Client Access License (CAL) is a license that gives
a user or device the right to access services of the server.
⚫ Client : Means Firms’ clients whom firm is engaged in various capacities as
CA firm.
⚫ Data : All information located on Computer systems belonging to firms
including but not limited to; data on Servers/Desktops/Laptops/ Hard Disk
/Mobile devices and or in cloud wherever that is available.
TECHNOLOGY UPGRADATION & WORK FROM HOME POLICY
MAY ‘20 Page : 9
⚫ Device : All Computers Desktops /Laptops/TABs/ Mobiles and its
peripherals such as Printers, Network devices such as routers, firewall, any
other equipment such as Disks / Pen drive. which are notified by the firm
to connect to the official network by the firm.
⚫ DPI : Dots per inch - measure of display resolution or printing/scanning
density.
⚫ EULA : End User License Agreement - are normally terms & conditions of
use put up by software developers, which we have to accept before
installation software.
⚫ Freeware : Software which is free to use. Some are free only for personal
use & some free for all purposes. Usage subject to EULA.
⚫ HO : Main Office of a CA firm ,having a main server located therein. Office
where all administrative support services of the firm are provided from.
⚫ IMAP : Internet Message Access Protocol (IMAP) is an Internet standard
protocol used by email clients to retrieve email messages from a mail server
over a TCP/IP connection.
⚫ IP Address: Internet Protocol address, is an identifying number for
network hardware connected to a network. Having an IP address allows a
device to communicate with other devices over an IP-based network like
the internet. IP can be static (same address is allotted by service provider
for each session) or dynamic (an ip for each session is allocated from pool
of ip addresses available with service provider).
⚫ ISP : Internet Service Provider - who provides last mile connectivity to the
internet.
⚫ LAN : A local area network is a computer network that interconnects
computers within a limited area such as a residence, school, laboratory,
university campus or office building.
⚫ Leased Line : A leased line, also known as a dedicated line, connects two
locations for private voice and/or data telecommunication service. A leased
line is not a dedicated cable; it is a reserved circuit between two points. The
leased line is always active and available for a fixed monthly fee.
⚫ Malware : software / code in software that is specifically designed to
disrupt, damage, or gain unauthorized access to a computer system.
⚫ OCR : Optical Character Recognition - content from scanned documents is
converted into plain text which can be edited or searched.
Page : 10 MAY ‘20
PUNE CHARTERED ACCOUNTANTS ’ SOCIETY
⚫ Open Source Software : Means a software that is not only free to use but
also the programmer has made the source code publicly available. It would
be pertinent to note that all software have End User License Agreement
which we have to accept while installing the software.
⚫ Port Forwarding : is the behind-the-scenes process of intercepting data
traffic headed for a computer's IP/port combination and redirecting it to a
different IP and/or port. A program that's running on the destination
computer (host) usually causes the redirection, but sometimes it can also
be an intermediate hardware component, such as a router, proxy server or
firewall.
⚫ POP : Post Office Protocol ( POP) is an application-layer Internet standard
protocol used by email clients to retrieve email from a mail server. POP
version 3 ( POP3) is the version in common use.
⚫ RAID : Redundant Array of Independent Disks - is a data storage
virtualization technology that combines multiple physical disk drive
components into one or more logical units for the purposes of data
redundancy, performance improvement, or both.
⚫ SaaS : Software as a service (SaaS) allows users to connect to and use
cloud-based apps over the Internet. SaaS provides a complete software
solution that you purchase on a pay-as-you-go basis from a cloud service
provider.
⚫ Sensitive Data : Any Personal information which consist of
o Passwords.
o Financial Information of Clients or any other person.
o Personal identification information means: Sensitive personally
identifiable information can include Birth Date full name, PAN card
Number, ADHAR card Number, driver's license, financial information,
and medical records.
⚫ SLA : A Service Level Agreement (SLA) is the service contract component
between a service provider and customer. A SLA provides specific and
measurable aspects related to service offerings.
⚫ SOHO : Small Office / Home Office - very small organizational setup with
fewer than 10 employees.
⚫ SSID : "Service Set Identifier" - An SSID is a unique ID that consists of
32 characters and is used for naming wireless networks. When multiple
wireless networks overlap in a certain location, SSIDs make sure that data
gets sent to the correct destination.
TECHNOLOGY UPGRADATION & WORK FROM HOME POLICY
MAY ‘20 Page : 11
⚫ USB : Universal Serial Bus is an industry standard that establishes
specifications for cables and connectors and protocols for connection,
communication and power supply between computers, peripherals and
other computers.
⚫ User : All Partners /Employees/Article clerks who are authorized by the C
A firm to use the Firms infrastructure including computer Systems.
Outsiders who are not employees authorized by Firm for contractual
services for the firm and authorized by the Firm.
⚫ VDI: Virtual Desktop Infrastructure is the technology for providing and
managing virtual desktops. VDI service provider hosts desktop
environments on a centralized server and deploys them to end clients on
request.
⚫ VPN: Virtual Private Network is an extended private network across public
networks.
⚫ WiFi: Wi-Fi stands for wireless fidelity. WiFi is a technology that uses radio
waves to provide network connectivity. A connection is established using
a wireless adapter to create hotspots — areas in the vicinity of a wireless
router that are connected to the network and allow users to access internet
services.
Page : 12 MAY ‘20
PUNE CHARTERED ACCOUNTANTS ’ SOCIETY
IT Infrastructure The entire gamut of IT infrastructure can be further divided into following
categories:
1. PHYSICAL RESOURCES:
1.1. Office Deskspace : The basic requirement in physical resources is office
premises. Even if most of the operations are designed to be undertaken
on the cloud or at client locations, at least a token presence of office
premises is required. In view of Covid-19 scare social distancing has
become a norm. Hence it becomes imperative that staff seating
arrangements are made in such a way that social distancing is maintained.
1.2. Seating Arrangement : This is one of the most ignored aspects of the
work environment. Comfortable seating & desktop arrangement should be
made available to reduce fatigue & resultant errors in working. Adequate
lighting should be maintained.
1.3. Server Configuration : It is normal to see a workstation configuration
machine is designated as a server to host central file storage & application
software servers. For moderate load of applications & 5-6 node machines
this arrangement should be sufficient. Minimum configuration of Intel i5
CPU, 8 GB RAM & 1 TB hard disk space should be adequate. However, if a
server version of Windows OS is to be installed, then it would be better to
increase RAM to around 16 GB & Xenon range CPUs. For more node
machines it would be preferable to use server machine configuration to
get optimum results.
Another possible structure would be to have a server machine with
necessary user CALs & nodes connect to the server through remote
desktop connection. The node machine needs to be moderately powered
& can be based on Linux OS. This will save the cost of OS & Office suite
licensing on node machines. Most of the application software we use for
our practice is not compatible with Linux OS, hence it would not be
preferable to go for complete Linux based architecture. Gradually as we
TECHNOLOGY UPGRADATION & WORK FROM HOME POLICY
MAY ‘20 Page : 13
move towards cloud-based applications, Linux installations will increase.
Linux OS will take time to get accustomed to, hence this factor has to be
kept in mind before adopting this model.
1.4. Desktop PC : For staff having frequent assignments outside office,
laptops can be given. Within office a desktop PC should be adequate. Basic
configuration can be as follows - Intel Core i3 or i5, 8 GB RAM, 1 TB HDD,
Windows 10 Pro. Note that as per Microsoft licensing terms, Windows
Home version cannot be used for commercial purposes.
1.5. Thin Client Architecture : In thin client architecture within a LAN
environment, nodes connect to a server in a remote desktop type of
interface. All computational load is at server side & minimal processing
power is required at nodes. For Windows server requisite licenses are to
be obtained for server & concurrent users (CALs). For node machines
normal machines can be converted into thin client nodes by installing
software or specialized minimalistic hardware that is made available by
the vendor. There are few options available for thin client setup.
1.6. Firewall / Proxy Server:
Firewalls are basically network security devices (hardware &/ software)
that monitor and control the network traffic on the basis of predefined
rules. A firewall setup can be a combination of various hardware and
software tools, that are used to prevent any kind of unauthorised access
or intrusion.
A proxy server is a computer system or router that functions as a relay
between client and server. It helps prevent an attacker from invading a
private network and is one of several tools used to build a firewall. Using
proxy servers enables us to effectively safe-guard the main server, as the
way of any communication is routed through the proxy server.
Hardware Firewalls do the work of a router as well. Firewall typically
barricades the network traffic between secured networks (eg. office /
Home LAN, intranet in an organisation) and unsecured networks
(internet). Due to this functionality, firewalls can be effectively used as an
integral part of VPN. Firewalls are basically to secure server systems.
Page : 14 MAY ‘20
PUNE CHARTERED ACCOUNTANTS ’ SOCIETY
1.7. Printer: Following table summarizes printer options;
Inkjet or Laser
Printer.
a. Inkjet is cheaper.
b. Inkjet consumes less power. c. Laser may not work on some inverter powered
systems. d. Lasers printers are faster. e. Inkjet heads get clogged if unused for some
time. f. Water/sweat will cause smudges in inkjet
printouts.
Multifunction (all in one) or Basic.
a. MF printers are costly. b. All in one combine printing, scanning, copying
& fax. c. MFP can be used for copying. d. Standalone can be standby.
e. OCR software comes bundled with MFP.
Colour or B/W model.
a. Mono printers are cheaper. b. Refill costs are more for colour.
c. Colour prints are attractive. d. Letterhead can be printed.
Scanner type - ADF
or flatbed.
a. Flatbed can scan only 1 page at a time. ADF
can take 8-10 pages at a time. b. Staple pins have to be removed for ADF.
Duplex Printer. a. Duplex printer can print on both sides automatically reducing paper cost.
b. More time required for manual duplexing. c. Duplex capable printer is costly.
Networked or USB
connected.
a. USB connected printer has to be physically
near the PC. b. Networked printer can be stationed anywhere
in office. c. USB printer has to be shared for network
usage, hence connected PC should always be
on. d. Network printer operates independent of PC.
Wired or Wireless Network capable.
a. Wired printer restricted to availability of network node.
b. Wireless printer can be placed away for wired
network node point. c. Wired network printer is slightly faster.
d. Wireless printer can be moved around as per convenience.
TECHNOLOGY UPGRADATION & WORK FROM HOME POLICY
MAY ‘20 Page : 15
1.8. Scanner: Nowadays a separate scanner is not required. As mentioned
above All-in-one i.e. Multifunction network printers (All-in-one i.e. printer
with print, copy, scan, fax facilities) can be used for this purpose. Even
applications like Camscanner can be used on smartphones for this
purpose. Portable, easy to handle & wireless scanners are also available in
the market. However, if the scanning load is going to be substantial, then
a dedicated standalone scanner can be considered. Dedicated scanners
have larger ADF capacity & duplex scanning capabilities. Thus increasing
the scanning capabilities. Documents scanned at minimum 300 dpi
resolution are preferred for OCR & archiving purposes.
1.9. Broadband Connection(s): Broadband Internet service truly is the most
used form of Internet access because of its high access speeds; it is offered
in four different forms, DSL (or Digital Subscriber Line), fiber-optic, cable,
and satellite. An average CA office would require a minimum of speed of
2 mbps. Higher bandwidth will be required if there is media consumption,
virtual network, remote backups, etc. Also leased line can be opted to get
dedicated bandwidth. Obtain static IP to enable advanced networking
solutions discussed elsewhere in this publication. Companies like BSNL are
providing leased line services with 1 static IP at reasonable rates. Further
it is suggested to have internet connections from two different ISPs to
ensure network redundancy. In case of staff operating from remote
locations, depending upon connectivity in the premises of staff, option of
selecting service provider can be given to staff itself. Use of optical fiber
cables increases speed of the network.
1.10. Router: This is an equipment that allows communication between your
local home network—like your personal computers and other connected
devices—and the internet. An ISP connects the broadband cable to a
modem, which is in turn connected to the router. Some ISPs connect
directly to the router. Routers provided by ISP are basic models. Router
provides wired & wireless connectivity. Advanced features available with
top end models are;
⚫ Dual range 2.4 GHz & 5GHz. Former is slower but the coverage area
is wider.
Page : 16 MAY ‘20
PUNE CHARTERED ACCOUNTANTS ’ SOCIETY
⚫ For increasing wireless router range extension dedicated repeaters or
normal routers in repeater mode can be used.
⚫ Longer coverage area to stronger signal strength.
⚫ Dual SSID - one for regular use & other for sharing with guests or
temporary connections. It's a good practice to frequently change
passwords of your WiFi connection. However, all connected
equipment have to be reconnected on change of password. If the
second SSID & password is shared for temporary connections, only
that password needs to be changed.
⚫ Dual ethernet network connectivity to provide internet connection
redundancy and load balancing.
⚫ Making available a storage device like USB device or Memory Card
for network storage & media streaming.
⚫ Some routers come with VPN capabilities & software.
1.11. Network Attached Storage: NAS is a standalone equipment which can
perform multitude of services other than being a backup device. A NAS
has following benefits;
⚫ NAS devices are affordable backup and storage solutions; There are
no expensive licenses to purchase.
⚫ NAS devices offer data redundancy using RAID technology in case of
hard drive failures. This simply means that you can use multiple hard
drives to store your data and if one fails, there is another one
available to take over your backups.
⚫ You will have a peace of mind knowing your data is being backed up
regularly and provides security against any hard disk failure in the
RAID.
⚫ Remote Access - You can access your files anytime and anywhere.
⚫ They provide mobile apps to access NAS not just from your mobile
but also to take backups of mobile devices. Backups of photos &
videos are features many people need.
⚫ Many applications are available with NAS like Email server,
Chat/messenger, Spreadsheets, Word processor, Virtual machine
hosting, VPN server, Calendar, Note taking, Website hosting & many
more.
TECHNOLOGY UPGRADATION & WORK FROM HOME POLICY
MAY ‘20 Page : 17
⚫ File systems of NAS (Linux based) are different from Windows file
systems, hence most virus attacks like ransomware don’t affect files
stored on NAS.
Dominant players in SOHO segment for NAS are Synology & Qnap.
From the reviews analysed Synology provides a better value for
money in terms of software made available by the company. In
addition, many third-party applications are also available. However,
they are priced slightly higher than competitors.
Moreover, the issue of automatic remote backups can also be taken
care of by sharing storage space with other people having a NAS. So,
two persons with NAS can be remote backup co-location for each
other. Data security can also be achieved by encrypting the co-
located stored data. Co-location arrangement can be made with
another CA firm or friends.
2. INTANGIBLE RESOURCES:
2.1. Server OS -
Server Machines and their OS are different from the normal Personal
Computer OS. Popular server OS in India are Windows Server and Linux
Server Editions. The server class machine can also be used as one of the
nodes in an office environment. But it is not recommended due to security
issues.
2.2. Desktop OS -
Microsoft Windows is the most commonly used OS in CA Fraternity and
most popular in India and world over. Windows 10 and Windows 7 are
amongst the currently used versions. It is recommended to discontinue
the Windows 7 version, as the support is stopped by Microsoft and all
further updates are only available in the Windows 10 version.
Page : 18 MAY ‘20
PUNE CHARTERED ACCOUNTANTS ’ SOCIETY
Another user friendly and customizable OS is Linux. One can effectively
use Linux, along with compatibility software to use Windows based
application software. This option can be explored by firms having budget
constraints over licensed software. There are many distros of Linux.
However the following distros are reviewed as easy for migration of
Windows users - Linux Mint (Cinnamon), ZorinOS, Robolinux & ChaletOS.
Windows applications can be used on Linux by installing Wine. Wine is a
compatibility layer capable of running Windows applications on Linux.
However not all Windows applications run even with Wine.
2.3. Office Applications:
Office Suite applications can be broadly categorised in Online use (cloud
based) and offline use (local application installed). One can choose the
type and make depending upon the factors like cost, internet connectivity,
number of users, etc.
Microsoft Office is the most popular and widely used Office Suite
Application. The licenses of MS Office are available for the online as well
as offline use versions.
Following are the major suppliers of office suite -
Offline Versions Online (Cloud) Versions
MS Office, Libre Office (free),
Open Office (free), Calligra Office
MS Office 365, Google Suite,
LibreOffice, Polaris Office, Quick Office, Zoho Office, iWork
Some of the above have mobile applications as well for both Android &
IOS platforms.
2.4. Email Client: Emails can be accessed online through browser or
downloaded on PC with email client. Gmail & Outlook are well known online
mail clients. Few lesser known ones are Squirrelmail, Roundcube, etc.
Internet connection is a must for an online email client. To overcome this,
email client software is installed on PCs which download emails on the
machine and are available even if there is no internet connection later.
Again Outlook comes bundled with MS Office suite. Some of the few free
TECHNOLOGY UPGRADATION & WORK FROM HOME POLICY
MAY ‘20 Page : 19
standalone mail clients are Thunderbird, Windows mail, Zimbra Desktop,
Pegasus mail, Opera Mail, etc.
Some important features to look in email client are;
⚫ Tabs - Whether email messages can be opened in separate tabs.
(Thunderbird)
⚫ Addons - What is the ecosystem of addons available. (Thunderbird)
⚫ Syncing - Whether syncing of contacts, calendars, notes, etc. is
possible.
⚫ Unified Inbox - A consolidated inbox for email accounts to see all
mails in a single inbox.
2.5. CRM: CRM stands for Customer Relationship Management. With a CRM
system, you can automate and integrate your customer-facing activities:
sales, marketing, customer service, and e-commerce. Some CRM software
also offers tools for customer analytics, personalisation, social media,
collaboration, and more. One important aspect of the CRM approach is the
systems of CRM that compile data from a range of different communication
channels, including a company's website, telephone, email, live chat,
marketing materials and more recently, social media. There are few open
source CRM systems available like SugarCRM, Mailchimp, SuiteCRM, etc.
On the face of it, CRM is primarily used for marketing functions, but it can
be suitably used for interaction with clients in CA office.
2.6. VPN Services:
Virtual Private Network (VPN) is an extended private network across public
networks. In simple words, VPN enables a user to connect to his/ her office
network using the internet, through a secure network tunnel.
There are some prerequisites to set up a VPN. Common minimum
requirements are as follows:
⚫ VPN subscription (charged on per user basis by providers)
⚫ Firewall- Hardware
⚫ Broadband connection with Static IP (from ISP)
In most of the WFH setup, VPN facilities are used.
Page : 20 MAY ‘20
PUNE CHARTERED ACCOUNTANTS ’ SOCIETY
Furthermore, VPN can also be used for -
⚫ Bypass geographic restrictions on websites or streaming audio and
video.
⚫ Protect yourself from snooping on untrustworthy Wi-Fi hotspots.
⚫ Gain at least some anonymity online by hiding your true location.
Open Source (Free) VPN: It would be worth mentioning that there are
few open source VPN software available like Softether VPN & RAdmin.
Softether is a prominent option with good reviews. Additional advantages
of this server are;
⚫ Static ip is not required,
⚫ Firewall port forwarding is not required,
⚫ Number of users upto 4000 &
⚫ for client, user authentication through digital signature & smart card-
based system can be implemented in addition to login
name/password combination.
2.7. Remote Desktop : In remote desktop systems, screen sharing of a
desktop is done with a user located at a remote place. An exclusive session
is established between the PC & remote user. All applications are running
on the host machine itself. Remote user is only getting display remotely.
There are various applications providing remote access facility like
Microsoft Remote Desktop, Google Remote Desktop, Teamviewer,
Anydesk & some others. RDP connection with admin user rights can take
complete control of the server machine. Hence precautions must be taken
in assigning access rights to users ids to be used for remote access. Let
us analyse these technologies;
Particulars
/ Features
Microsoft
RDP
Chrome
Remote Desktop
Teamviewer Anydesk
Multiple concurrent
users
Only on MS server with
multi user licenses.
No No No
TECHNOLOGY UPGRADATION & WORK FROM HOME POLICY
MAY ‘20 Page : 21
Method of connection
Remote connection
application
Chrome browser
Application Application
Pricing Client - Free, Server cost as
above
Free Free for personal use
Free for personal
use
Setup Port forwarding at
server gateway
Chrome browser
extension installed
Application to be installed
Application to be
installed
2.8. Own Website Hosting / Email Server : Yes you read it right, you can
host your own website, email server & quite a few other
applications/services. Software for doing all this is free. XAMPP is a free
and open-source cross-platform web server solution stack package. It can
be configured to be available over the internet or only on the intranet.
There are other suites like WAMP, LAMP, etc. but XAMPP has larger
implementations. Following are some of the free applications which you
can install on your XAMPP server:
SOFTWARE NAME APPLICATION
Joomla Content Management System (CMS)
Drupal CMS
Wordpress CMS
Prestashop e-commerce
Magento e-commerce
SugarCRM CRM
SuiteCRM CRM
Documwiki Wiki
Mediawiki Wiki
OrangeHRM Human Resource Management
Mooble e-learning
Mercury Mail Email server
Page : 22 MAY ‘20
PUNE CHARTERED ACCOUNTANTS ’ SOCIETY
Before you jump into self-hosting your website or email server, you need
to take few precautions & address the following concerns;
⚫ A static IP is needed.
⚫ Domain name with appropriate DNS settings.
⚫ 24x7 internet connection with good bandwidth.
⚫ Firewall to protect from unauthorized access.
⚫ Power backup.
⚫ Robust Data backup.
2.9. Portable Apps: These are software which can be used without installation
on Windows OS. Due to numerous installations & uninstallations, windows
PC tends to get slower over time. There are certain software
developed/modified to work without being installed. The website
portableapps.com has a huge repository of such software to download &
use for free.
2.10. Audio Visual Communication: Gradually the communication is leaning
towards audio visual mode. During Covid-19 lockdown the process has
accelerated, not just due to online webinar/conferencing but also due to
social media impact. Hence CA firms should be geared towards providing
information to their clients in audio visual format in addition to formal
written communication.
2.10.1. For podcasting only audio recording is required which can be achieved
without additional cost using mobile phones. In addition,
microphones can be used to record good quality with noise control
features. Further the recorded audio can be edited using a freeware
called Audacity.
2.10.2. For preparing video messages you will need to have screen recording
software, camera device & video editing software. Video recording
can be done by using an inbuilt camera in a laptop or by installing a
webcam for PC. For screen recording following free software can be
used; OBS Studio, Windows 10 built-in recorder by pressing
win+alt+r, VLC Media Player & Flashback Express. Some commercial
software are Camtasia Studio, Icecream Screen recorder &
ApowerREC.
TECHNOLOGY UPGRADATION & WORK FROM HOME POLICY
MAY ‘20 Page : 23
2.10.3. For video editing following free editing software can be used; DaVinci
Resolve, VSDC, Shotcut, Lightworks & Hitfilm Express. Commercial
software are Adobe Premier, Cyberlink Power Director, Corel Video
Studio Ultimate & Pinnacle Studio.
3. VIRTUAL (CLOUD) RESOURCES:
3.1. Hosted Website : Hosting of a website has never been so easy due to
technological advancements, packages offered by the ISPs and availability
of step by step tutorials on platforms like YouTube, GitHub, etc. Many
blogging sites also post these tutorials which would help a CA to host a
website at a cost as low as Rs.1,000/- per year.
Having an own website and customized email domain increases the
marketing value of the user and use of their own domain instead of generic
domains can add up data security and integrity quotients. Furthermore,
the website can be updated frequently with latest information and links,
which can help the website user, clients etc. to update themselves. A
website can also be effectively used as file server with access controls, to
access the frequently needed information such as previous year financial
statements, static documents such as registration certificates, etc. It is
suggested to follow guidelines issued by ICAI in respect of hosting of
website by a Chartered Accountant. Guidelines are available on -
https://resource.cdn.icai.org/39896esb191115.pdf. Members can create website free
of cost through ICAI portal. More details available at
https://www.icai.org/post.html?post_id=7410.
Following domain and hosting websites can be used to float a website:
Domain Names Hosting
Google domains, Go Daddy,
Hostinger, Bluehost, Hostgator
Go Daddy, Hostinger, Bluehost,
Hostgator
Page : 24 MAY ‘20
PUNE CHARTERED ACCOUNTANTS ’ SOCIETY
3.2. Email Server : Email has become the backbone of communication means
in a professional office. Since email is considered as valid evidence under
the Information Technology Act the significance of the same has increased
many fold. Hence it becomes imperative that utmost attention be given to
the email systems being used in our offices. In almost all cases email
servers are hosted by third party service providers be it Google GSuite or
some other provider. Following issues need to be considered while
selecting on the service provider;
3.2.1. Data connection between server and client or browser should be in
encrypted mode.
3.2.2. Login passwords should be changed frequently.
3.2.3. Login credentials should be carefully shared with other applications
like CRM, etc.
3.2.4. Backup of emails should be maintained irrespective of the fact that
service provider is maintaining it.
3.2.5. Further due to mailbox size limitations, we are forced to delete emails
at some point of time. Hence maintaining backups at our end
becomes paramount.
3.3. Chat Messengers:- These apps can help staff members to stay in touch,
even if they work from home. These apps help in instant messaging, audio
as well as video calls, file sharing, screen sharing, one-on-one
conversation etc. There are many applications, paid as well as free,
available and one can choose one depending upon requirements. Chat
apps can increase productivity because they make conversations easier to
track, improve teamwork. Following are some of the chat applications used
commonly:-
Paid:- Slack, Zoho Cliq, Microsoft Teams, etc.
Free:- Skype, Google Hangouts, Whatsapp, Telegram, etc.
While selecting a chat messenger app following points can be
considered:-
⚫ Supported OS - like Android, iphone / ipad, Linux, Windows
etc.
TECHNOLOGY UPGRADATION & WORK FROM HOME POLICY
MAY ‘20 Page : 25
⚫ Availability of Web versions.
⚫ Security - End-to-end encryption.
⚫ Data backup – Cloud or in-house.
⚫ Recording - This is necessary if information is to be used for
legal support.
3.4. Workflow Management Software :
“Brain power should be used less for memorizing & more for thinking”.
In our practice we are doing exactly opposite of this. The compliance
scenario has got complicated due different laws applicable, different
frequencies, different forms, different due dates, staff assigned & various
other complications. Similar complications arise in other advisory services.
Audit engagements need to be divided into smaller milestones & tracked
accordingly. All this has necessitated having a Workflow Management
software to enable CA to spend more time on assignment & less on
remembering & tracking activities. Following points need to be considered
by choosing workflow management software;
⚫ Whether cloud-based architecture is there to enable access to
software from outside the office also.
⚫ Supported OS platforms - whether software can be accessed from
mobile devices also.
⚫ User based licensing analysis - whether the limitation on number of
users is concurrent users or simple count. Simple count means as
user count increases you have to take more user licenses. Users who
have left the organization cannot be deleted & get counted for license
costing.
⚫ Before you start evaluating Workflow Management software, prepare
a list of functionalities you want for performing your daily tasks. Go
through feature lists provided by each software provider on their
website & prepare a comparison chart. After this chart is done,
request for demo & trial of the software to evaluate whether all the
requirements & features in your list are getting fulfilled.
Page : 26 MAY ‘20
PUNE CHARTERED ACCOUNTANTS ’ SOCIETY
3.5. Video Conferencing :
3.5.1. Video Conferencing & Live Streaming applications have been around
for quite some time. However, as lockdowns were imposed due to
Covid-19, more people realised the existence of these options & their
importance. Many experts believe usage of these tools is going to
increase manifold henceforth as people will try to avoid costs & risks
associated with travelling for meetings. So, this is a widely used tool
for "Work From Home" model. Further the host can manage and
control the entire meeting through mute/unmute options, video on
and off options. The participant who wants to share in views can raise
his thumb for his turn to speak. So, the chaos can be avoided and
discussions can be in a disciplined manner. Live chats are also
possible during the course of the meeting. Further you will be able to
understand the count and names of persons attending the video
meeting. You can save a record of live chats, further you can maintain
video recording.
3.5.2. Basic analysis of some of Video conferencing software is as follows;
Software
Name
Participants
#
Cost Time
Limit
Chat Recording Phone
dial in
Google Meet
150 Free #1
NA Yes No Yes
Zoom 100 Free 40
mins
Yes Yes Yes
Whatsapp 8 Free NA No No No
Google Hangout
10 Free NA Yes No No
Skype 50 Free 24
Hrs
Yes Yes Yes
Facebook Messenger
50 Free 4 Hrs No No No
Microsoft Teams
10000 Paid NA Yes Yes Yes
Jitsi Meet 200 Paid NA Yes Yes Yes
TECHNOLOGY UPGRADATION & WORK FROM HOME POLICY
MAY ‘20 Page : 27
Bluejeans 200 Paid NA Yes Yes No
Go To
Webinar
100 Paid NA Yes Yes Yes
Webex 8 Paid NA Yes Yes Yes
Jitsi is an open source software. You can host for free on your own
on a Linux machine. Many of the services above have free & paid
versions. Features in the free version are basic.
3.5.3. Video conferencing should be used where there are a limited number
of participants & it has to be interactive. If the purpose is only to
address a large number of attendees then live streaming should be
used. Some of the popular live streaming platforms are;
⚫ Youtube Live - Free, Livechat
⚫ Facebook Live - Free, Livechat
⚫ LinkedIn Live - Free
⚫ Periscope - Free
⚫ Instagram Live - Free, Livechat
⚫ Livestream - Paid
⚫ Twitch - Free
3.5.4. Following are some live streaming software;
⚫ OBS Studio - Free
⚫ FFSplit - Free
⚫ Youtube - Free
⚫ Facebook - Free
⚫ XSplit - Free
⚫ Streamyard - Paid, Multiple participants (only 6 with free)
⚫ OneStream - Paid, Multiple participants
3.5.5. Risks associated with Video Conferencing and some precautions;
⚫ No Confidentiality and security
All conversations and proceedings are not secured unless the
sessions are end to end encrypted. In practical scenarios one must
note that this is the biggest disadvantage of the process.
Page : 28 MAY ‘20
PUNE CHARTERED ACCOUNTANTS ’ SOCIETY
⚫ Recording is possible by some people during the meeting and care
is required to be taken about Not allowing the Recording Button to
operate through proper understanding and undertakings in case
required. Host can control it.
⚫ Sharing of Screen, Documents only after ensuring that only
authorised persons in the meeting.
⚫ Locking of meeting one can lock the meeting to prevent
unauthorised entry.
3.5.6. Network/Bandwidth Issues:
A common problem faced during video conferences or webinars is a
poor network connection or of bandwidth. Four indications of this
include: freezing the video, failing to screen-share, a long delay, or
choppy audio. To overcome it try following;
⚫ First, as a preventative measure, find out what kind of bandwidth
the product you’re using requires.
⚫ Next, complete a free speed test using speedtest.com to confirm
your upload and download speeds.
⚫ Other options include confirming with your Service provider/ IT
Person about availability of bandwidth and its speed. Further
during some particular time slot on every day, the speed may get
hampered. You can observe such time slots and can manage the
timings of your meeting accordingly.
3.5.7. Functionality Issues:
Software and hardware always come out with updates for a reason,
these updates ensure that your product is operating smoothly,
secure, and bug-free. Sometimes, if you’ve neglected to update the
hardware or software to the most recent version, problems can arise,
and the product won’t function properly. Ensure that they are
updated. Make sure to also to update the computer, mobile phone,
and web browsers.
TECHNOLOGY UPGRADATION & WORK FROM HOME POLICY
MAY ‘20 Page : 29
3.5.8. Audio Issues:
Sometimes you may hear an echo or something that sounds funny.
If you’re stuck using computer audio, a headset is good. Also check
for loose wires and make sure all the connections are firm.
3.5.9. User Error:
Sometimes problems occur during live conferences and webinars
because of the user’s unfamiliarity with the tool. Read through the
FAQs of your product and complete a trial run prior to using it live—
make sure you get all information.
3.5.10. General:
If you’re holding a webinar or online meeting for the first time. Be
prepared with the content well. Also know how to react quickly when
things go south. In case any other issues visit net/blog services of
the tool you are using for more information and FAQ.
3.6. Password Managers :
3.6.1. It is best practice to change passwords frequently, not repeating
passwords, keep password length at least 8 characters long, use a
mix of upper case, lower case, numbers & special characters. It also
should be a non-guessable word. For example combination of name
and birth date, names of spouse/children, name of the premises
should be avoided. Complying with all these makes it difficult to
imagine new passwords & even more difficult to remember them.
There are software to help in creating ideal passwords & recall those
when required. Only a single signon (master) password to access the
manager is required to access all other stored passwords.
3.6.2. Many of these software are available across platforms, hence
passwords are available irrespective of platform being used.
3.6.3. These applications assist in generating complex passwords & filling
up credentials, when the login page is opened.
3.6.4. Another very important benefit of this software is prevention of
providing credentials to spoofing sites. These software also store the
Page : 30 MAY ‘20
PUNE CHARTERED ACCOUNTANTS ’ SOCIETY
url of the login page, if the url opened in browser doesn’t match with
the stored url, then it doesn’t autofill the credentials. Thus protecting
users from phishing sites.
3.6.5. Some of the password managers are; Google Chrome, LastPass,
Roboform, Dashlane, Bitwarden, 1Password, Keeper, KeePassCX,
etc. Almost all of them have free version which has limited
functionalities. Best option can be evaluation before subscribing.
3.6.6. Some functionalities available are;
⚫ Import passwords from Browsers.
⚫ Two factor authentication.
⚫ Fill web forms.
⚫ Applications passwords management.
⚫ Sharing of passwords with other users.
⚫ Multiple supported OS/devices.
⚫ Export login credentials in excel or csv format.
3.7. Online Audio & Video Content :
3.7.1. Audio/Video content can be hosted on free platforms like YouTube &
Facebook or on your website.
3.7.2. Content hosted on free platforms are also accompanied by
advertisements. Such ads are displayed based on the keywords input
with the video. Hence some undesirable ads may get displayed with
your content.
3.7.3. Ensure that such content should not violate “Code of Conduct” issued
by ‘The Institute of Chartered Accountants of India’.
TECHNOLOGY UPGRADATION & WORK FROM HOME POLICY
MAY ‘20 Page : 31
4. ECOSYSTEM PARTICIPANTS:
An information system is by the people & for the people. Equipment on its own
is just a piece of hardware. Human interface is a critical component of the
system, except in Artificial Intelligence (AI) systems. Hence roles &
responsibilities of each category of persons interacting with the system needs
to be defined, documented & communicated.
4.1. HR Best Practices:
4.1.1. Maintain daily routine (office time).
4.1.2. Use a dedicated room/space for work and take regular breaks.
4.1.3. Use timeboxing to clearly separate your private tasks and work tasks.
4.1.4. Avoid social distractions during the work time.
4.1.5. Right infrastructure like - good light, comfortable temperature,
adjustable chair, computer keyboard, suited mouse, web cam,
telephone, headphones or earphones should be preferred.
4.1.6. Ensure internet connectivity and have alternate sources ready viz
broadband, data card, portable WiFi hotspot.
4.1.7. Use collaboration tools and productivity software like Slack, Asana,
Dapulse, ProofHub, Redbooth, Trello, Wimi, Milanote, etc to create,
track and share tasks.
4.1.8. Potentially switch to “agile working” mode with Huddles, Sprints, etc.
to prevent micro-managing, which will decrease motivation.
4.1.9. Avoid focusing on work all day long.
4.1.10. Leverage flexibility with regard to taking out time for a short walk,
etc. in between which will help you keep stress away.
4.1.11. Keep up a normal work mindset and remind yourself that this is the
new normal in order to stay motivated to work.
4.1.12. Set up informal coffee chats via TelCo or ViCo with your colleagues
and work mates and if possible, do this at the regular times you would
go to coffee breaks in the office.
4.1.13. Regular day end checks, reporting and aligning tasks achieved.
4.1.14. Be more diligent when planning the work and over communicate with
the team to ensure everyone is on the same page. Also, focus more
on goals and not on activities.
Page : 32 MAY ‘20
PUNE CHARTERED ACCOUNTANTS ’ SOCIETY
4.1.15. Teams should be encouraged to have virtual team events and open
WhatsApp team groups to share information and gel up with the team
members.
4.1.16. Regular virtual training sessions to understand the basics of software
and updates in it.
4.1.17. Real-time reviewing the work done by seniors and continuous
communication.
4.1.18. It is necessary to provide clear cut guidelines about cost
reimbursement for connectivity, Wi Fi service and Mobile
connectivity.
4.1.19. Dress code - For official meetings and video conferencing, even at
home, one has to be in formal attire so that seriousness of the
meetings is maintained.
4.1.20. You can refer to another publication on H.R. policies as brought in by
the Pune Chartered Accountants Society.
4.2. Communication and Syncing with Clients:
4.2.1. Collect the information of clients about clients set up of accounting,
use of particular systems by clients for example use of ERP software
like SAP, Oracle, Tally, etc. or other data systems.
4.2.2. Obtain the permissions from clients wherever required for example
remote login access for Partners and assistants. Understand their
system requirements for the access and follow the rules.
4.2.3. Have a detailed dialogue with client explaining the current situation
and planned Work From Home option for Authorized persons.
4.2.4. Process for Day to day monitoring and supervision should be
established. This can be supported along with proper reporting.
4.2.5. Stay connected with the clients over video calls and phone calls
regularly updating them about the progress of each engagement.
4.2.6. Try to provide online webinars for select-set-of-clients providing
practical solutions to the problems they are facing.
4.2.7. Understanding with the client and access through VPN or VDI.
4.2.8. Special care to be taken when accessing the folders and files from
the office server / client server, downloading them to our local PC
and then re-uploading them back to the respective server.
TECHNOLOGY UPGRADATION & WORK FROM HOME POLICY
MAY ‘20 Page : 33
4.2.9. Never access the live environment (with insert / edit / delete rights)
even if the client has no objection to the same.
4.2.10. Logon only with READ ONLY access or have the client’s staff extract
the data or screenshots and share with the auditor in our presence
with Video Conferencing tools viz Zoom, Blue Jeans, etc.
4.2.11. Clients may require scanning of our laptops and desktops, disabling
USB ports, etc.
4.2.12. Access control & Version control on documents, files, folders and their
updates is critical.
4.3. Service Providers:
4.3.1. Acquisitions:
⚫ Hardware - Check warranty coverage terms for period & components
while entering into purchase agreement. In case of a reseller, check
the terms and conditions with the original equipment manufacturer.
Generally, such information is contained on their website of
advertisements.
⚫ Software acquisition will be more complicated in relation to hardware.
Standard products like OS, Office Suite, etc. should not be much of
concern as terms are standard across. Only if there are optional
modules to be considered, you should analyse your current & future
requirements & select options accordingly. Also if available, you have
to weigh between one time license fees or periodical subscription
fees.
⚫ For SaaS applications you have to be even more judicious in the
subscription service. Evaluation of functions, features & optional
modules is going to be a complicated process. Very important part
would be exit clauses. You can’t afford to be Abhimanyu while
choosing a SaaS provider. While terminating services you should be
able to have view only access to the application or human readable
dump should be made available. Compare SLA claims & past history
of the provider. It would be advisable to verify claims with existing
users of the service. AMC are another important factor to consider as
this would be a recurring cost.
Page : 34 MAY ‘20
PUNE CHARTERED ACCOUNTANTS ’ SOCIETY
4.3.2. Wherever possible maintain local backups of cloud applications.
4.3.3. Always see that connections with cloud providers are in secured https
mode, to prevent unauthorised access to data during transmission.
4.3.4. Whenever updates to software are done, the vendor provides a
change log. Go through it and be aware of the implications on the
working of the software.
4.3.5. In case any hardware is leased, ensure that all your data on the
equipment is erased before handing it to the vendor on termination
of lease. Mere deletion of data would not be sufficient, as that can be
recovered. Use permanent deletion software to purge the same.
4.3.6. Haphazard customisations, improper credentials, open ports, etc.
may potentially generate risk.
4.3.7. Ensure your vendor and you comply with the regulations and
standards while using the service.
4.3.8. Continuous updation & training from the vendor with regard to the
software or application.
5. POLICIES & PROCEDURES:
5.1. DRP & BCP
Disaster Recovery Plan (DRP) & Business Continuity Plan (BCP) are
protocols & procedures to be operationalized in case of any eventuality
affecting the normal operations.
Business Continuity Plan:
Is a documented collection of procedures and information that is
developed, compiled and maintained in readiness for use in an incident to
enable an organization to continue to deliver its critical services at an
acceptable predefined level.
TECHNOLOGY UPGRADATION & WORK FROM HOME POLICY
MAY ‘20 Page : 35
Business Continuity Plan should be developed by keeping in mind a holistic
management process that identifies potential threats to an organization
and the impacts to business operations that those threats – if realized –
might cause, and which provides a framework for building organizational
resilience with the capability for an effective response that safeguards the
interests of its key stakeholders, reputation, brand, and value-creating
activities
Following are important points to be considered while preparing BCP
⚫ Disasters can be Natural and Manmade in both situations one must
prepare alternative plans to carry out its critical functions.
⚫ Natural Disasters - are those which are a result of Natural
Environment include fire, earthquake, tsunami, typhoon, floods, tornado,
lightning, blizzards, freezing temperatures, pandemic Like Covid-19,
severe hailstorms, volcano etc.
⚫ Man Made Disasters - are artificial disasters which arise due to the
actions of human beings it include, mistakes and errors terrorist attack,
bomb threat, chemical spills, civil disturbance, electrical failure, fire, AC
failure, water leaks, water stoppage, strikes, hacker attacks, viruses,
human error, loss of telecommunications, data center outage, lost data,
corrupted data, loss of network services, power failure, prolonged
equipment outrage, UPS loss, generator loss and anything that diminishes
or destroys normal data processing capabilities.
⚫ Matters to be considered in Business Continue Plan
■ Backup and Recovery strategies.
■ Strategies for Networked Systems
■ Wireless LANs
■ Strategies for Distributed Systems
■ Strategies for Data communications
■ Strategies for Voice Communications
■ Types of Recovery and Alternative Sites.
⚫ Mirror Site/ Active Recovery Site
⚫ Hot Sites
⚫ Cold Site
⚫ Warm Site
⚫ Reciprocal arrangements
⚫ Offsite Data protection
Page : 36 MAY ‘20
PUNE CHARTERED ACCOUNTANTS ’ SOCIETY
■ See table below taken from DISA (ICAI) material
⚫ Appropriate Insurance Policy is taken for all assets and for
persons.
⚫ Alternative reciprocal arrangements for Backup site should be
considered.
5.2. Backups:
5.2.1. Proprietor or Partner should designate a responsible person to ensure
the back up as per established guidelines.
5.2.2. Every day back will be done on an external hard disk or on pen drive
or on another computer at the end of the day. You can also schedule
the backup so that it can be taken automatically at a particular time
without human interference. Security of such external hard disks is
to be properly ensured. It should be kept away from any magnetic
field. If possible, register of back up is to be maintained so as to
ensure that backup is taken daily.
5.2.3. Occasionally backups are tested by restoring it on a separate machine
at residence of the proprietor / partner or designated person.
5.2.4. Alternate day this responsibility should be shared with one more
partner or designated person.
5.2.5. This will ensure that in case of disaster one of the recent backup at
home is available. It may be used as "Offsite Storage". In case of
undesirable disaster in your office, the backup restored at home can
be of great use.
TECHNOLOGY UPGRADATION & WORK FROM HOME POLICY
MAY ‘20 Page : 37
5.2.6. Currently there are many cases of RANSOMWARE and to avoid such
disaster, safe back up on outside machines needs to be ensured.
5.2.7. Cloud backup services are also available.
5.3. Email Backups:
5.3.1. It’s a common occurrence that our email inbox is full & we get
reminders for email service providers to purchase additional space or
delete some old mails to make space for new mails. If such space is
not made, then mails sent to that email id will be returned by the
mail server. Hence every once in a while, we are stuck with the
mundane chore of sorting unwanted emails & deleting them to make
some space. However, many times we are forced to look for some
email which we had deleted in the past & not finding it causes severe
anxiety & anguish. We always wish to retain all emails without paying
additional costs. Let us explore some means to solve this problem.
5.3.2. Email client : One solution would be to use an email client to
download all your mails & they would be available even after emails
have been deleted from the server. Following points need to be
remembered;
⚫ Make sure that the POP connection is used to connect to the email
server & not IMAP. IMAP by default syncs the structure with the
email server & hence deletions too will get propagated.
⚫ Over time email client performance degrades due to the increase
in data it is holding. The experience of using an email client itself
will be frustrating.
⚫ Email client data also need to be backed up frequently.
5.3.3. Email backup software: Some free email backup software are
Mailstore Home, KLS Mail Backup, Upsafe (only for Gmail).
Page : 38 MAY ‘20
PUNE CHARTERED ACCOUNTANTS ’ SOCIETY
5.4. Data Security:
Owners and Users are responsible for safety of Data. Owners will lay down
the Security measures for Computer Systems by installing appropriate
infrastructure. All USERS need to ensure the Safety of Data by adhering
to Rules framed by the Firms such as:
5.4.1. Not to share the data to unauthorized persons.
5.4.2. Not to transfer the data through the emails other than officially
allowed one.
5.4.3. Not to copy the data to the Devices which are not approved by the
FIRM.
5.4.4. NDA agreements are obtained by the firms from all the USERS having
access to the clients Data.
5.4.5. Firms will lay down the process by which File Names/Folder Names
are allotted and USERs must ensure compliance with the naming
process. Such as:
⚫ Confidentiality : Data not to be shared with anyone unless
permitted by FIRM.
⚫ Saving the files such as GOLD (or any suitable terminology) file
which is password protected when FINAL documents are stored
and no one should alter the GOLD files. Whenever repetitive work
is required to be performed same is done on the basis of copying
original file to Normal file and work is performed till it is labeled as
GOLD
Other matters relating to data security & access controls.
5.4.6. Passwords Management:
⚫ Please ensure that all accounts are protected with strong
passwords. Do not use the same password across multiple
accounts.
⚫ Passwords should be unique for every account and should comprise
a long string of upper and lower case letters, numbers, and special
characters.
⚫ Passwords should be changed frequently.
TECHNOLOGY UPGRADATION & WORK FROM HOME POLICY
MAY ‘20 Page : 39
⚫ Password of the staff member going on long leave or leaving the
organisation should be deactivated immediately.
⚫ System should force change of passwords at a certain frequency.
5.4.7. Virus & Malware Protection:
⚫ Biggest source of virus & malware is pirated software, games &
videos. Such software should not be stored or installed on
machines whether at home or at office. As viruses keep evolving
installing antivirus is no guarantee against loss of data.
⚫ Firewall can help to protect the systems from unauthorised
intrusion into your system. A good antivirus software is the next
defense by detecting and blocking known malware.
⚫ Antivirus must be a paid service, free Antivirus are not
recommended for Business use.
⚫ Quick Heal, Norton, Kaspersky are some recommended options if
you don’t already have antivirus software.
⚫ In case of a Ransomware attack, data files are encrypted & a
ransom is demanded to get a decryption key. Payment is
demanded through virtual currency. There have been instances
where decryption is not provided even after payment of ransom
demand. Hence it is preferable to not entertain such demands.
Following steps are to be undertaken;
Ransomware encrypted files have different file extensions. A
message pops up or a text file is stored in every folder with
instruction for payment of ransom.
Immediately disconnect the infected machine from the network
to stop the spread of malware to other machines.
Format the hard disk to terminate all traces of the ransomware.
Reinstall operating system & applications. Restore data files
from backup.
Some antivirus companies do provide decryption solutions, but
not all infections are curable. Further there is the possibility of
ransomware instances still residing undetected in the machine.
Page : 40 MAY ‘20
PUNE CHARTERED ACCOUNTANTS ’ SOCIETY
5.4.8. Secure your router at Office and at Home:
⚫ It is important to protect your Office and home network to prevent
malicious parties having access to connected devices.
⚫ Keep habit of Changing your router password periodically.
⚫ Make sure firmware updates are installed so that security
vulnerabilities can be patched.
⚫ The encryption should be set to Restrict inbound and outbound
traffic.
5.4.9. Install updates regularly:
⚫ Updates to device software and other applications are important.
Updates often include patches for security.
⚫ Set updates to run automatically.
5.4.10. Beware remote desktop tools:
⚫ Remote access to desktop like Teamviewer/Anydesk should be
given only to the authorized persons and need to be carefully
monitored.
5.4.11. Lock your device:
⚫ Once work is over all devices should be locked or signed off
carefully.
⚫ Workstations should lock automatically after a few minutes of
inactivity. In other words, if any staff member leaves his work table
for going to the washroom or for having food, tea, coffee or for
attending any meeting, his computer should get automatically
locked so that unauthorised use of the same can be avoided.
5.5. International Standards Organisation:
All matters pertaining to data security & access controls are elaborately
covered in ISO 27001. Members are requested to go through the
standards.
5.6. DCMM by ICAI:
The ICAI has recently released “Digital Competency Maturity Model for
Professional Accounting Firms - Version 2.0 and Implementation Guide”.
This will be a very useful tool in the benchmarking of IT environment in
TECHNOLOGY UPGRADATION & WORK FROM HOME POLICY
MAY ‘20 Page : 41
office. Further details of the publication can be obtained from url -
https://resource.cdn.icai.org/57964daaab47265.pdf
WIRC of ICAI has also released “Guide To Working From Home For Every
Professional”, which elaborates on WFH issues. The same can be
downloaded from the url - https://www.wirc-icai.org/members/wirc-
publications/guide-to-working-from-home-for-every-professional
6. WORK FROM HOME :
It would sound strange that the title topic is being addressed so late into the
publication. Understanding of the technical jargon & issues was necessary to
get a proper handle of this topic. All possible solutions presume clear
understanding of the previous topics. In the end, it would be inevitable to
address the elephant in the room. As discussed in the preface, WFH is a
situation every practice firm is forced to reckon with due to the pandemic
lockdown. A routine practice for the IT industry has become inevitable for us.
Since there is no precedence of such work arrangement, we need to start from
basics in implementing the model. We will try to analyse specific issues &
possible solutions in implementing WFH model.
6.1. Human Resource Skills:
⚫ Capabilities of personnel to be able to start with WFH will vary according
to their exposure to such a model. Staff assigned to client location audits
will be having limited exposure to periodic reporting to the office. Every
staff’s skill needs to be upgraded for the WFH model.
⚫ Staff has to be imparted with basic training & a manual should be issued
to them.
⚫ Support personnel have to be designated to help others get onboard as
grasping capabilities vary from person to person.
⚫ Online team meetings should be encouraged.
6.2. Data Storage:
Page : 42 MAY ‘20
PUNE CHARTERED ACCOUNTANTS ’ SOCIETY
⚫ If data is stored on the cloud like SaaS or VDI or SharePoint, then the
initial setup period would be short with less additional expenditure.
⚫ However most likely firms will be hosting data in server(s) within their
premises. Check the possibility of making the data remotely accessible
either through VPN or remote desktop access.
⚫ For remote access, applications like Microsoft remote desktop,
Teamviewer, Anydesk, etc. can be used. However, there is limitation of
access to only one user per host machine. Thus, limiting the scaling up of
this model. Windows server with multiple CALs can be helpful to connect
many users to a single machine.
⚫ Some software licenses are locked to particular machines. Ask the
software vendor to make available such licenses to other connections
through VPN. For windows server RDP connection, licensing should be
delinked with machine & be made user id linked.
⚫ Check with the software vendor whether they have updated their software
for remote access. Some vendors have in fact made the software ready
for cloud access within this short span of time.
⚫ One quick fix solution is to keep all machines with licenses locked, be kept
switched on & remote connectivity enabled. Thus, each node will be put to
use. But this will entail an increase in power consumption as machines
have to be powered on 24x7.
⚫ Data syncing between host machine & node machine is not an issue
wherever working is being done directly on host through remote
connection. However, files generated with generic applications like Office
Suites are likely to be saved only on remote machines. Norms need to be
established for syncing the data with host machine & frequency of the
same.
6.3. Equipment:
⚫ Computer & internet connection are to major requirements of WFH model.
If an employee doesn’t have his own laptop or PC, then the firm has to
arrange for the same.
⚫ Configuration of the equipment and peripherals used by the employees
should be obtained from all the employees working from home so that the
TECHNOLOGY UPGRADATION & WORK FROM HOME POLICY
MAY ‘20 Page : 43
same can be made compatible with the configuration of the systems
installed in office.
6.4. Internet Connectivity:
⚫ Internet connection would be critical at host machine location. Hence there
has to be internet redundancy & load balancing equipment at host location.
⚫ Also, if internet connection is not available at the residence of the
employee, then arrangement for the same has to be done. If WFH is going
to implement for a long duration for any employee, then firms can consider
paying for broadband connection. For temporary requirements, 4G
dongles can be provided.
⚫ As far as possible, internet connection from mobile hotspot should not be
resorted to as it does not ensure seamless connectivity.
6.5. Data Security:
⚫ Due to the nature of services, data security is weak. USB ports are
unlocked for DSC token, email is available to all employees, internet
access is generally to search for information. In WFH, additional threats
would be access to third parties of the equipment & data. Computers tend
to be shared with family & friends, which cannot be controlled by a firm.
⚫ In remote desktop access, the data will be stored on the host machine,
hence it is exposed only during the time machines being connected. Data
stored on the local computer remains to be unprotected. Employees must
be informed on the security concerns.
⚫ Storage of data on desktop or system default folders should be strictly
prohibited. Separate data folders should be maintained on drives other
than that of OS installation drive.
⚫ There are software which provide secured remote access to host machines
from any other PC. Data from the host machine will not be saved on the
client machine but only on the host machine. “Fusion SecureDesktop” is
one such application.
⚫ Another option would be to use File Syncing software which will constantly
updating changed files on all linked machines. Samepage & Allway Sync
are free for personal use & should fulfill requirements of small teams.
Page : 44 MAY ‘20
PUNE CHARTERED ACCOUNTANTS ’ SOCIETY
6.6. Communication & Updations:
⚫ Timely communication of the work status is an absolute must for efficient
execution of engagements. In the WFH model, this aspect becomes a
critical bottleneck due to lack of direct communication with team
members. Hence protocols must be established for updating of work
status. Here you can use some office administration software like Prodiary,
CA Dashboard, etc. through which work allotment, progress of work-in-
process, time management, billing, etc. can be monitored & managed. You
can use software like Slacks to keep a track of login and logout.
⚫ Further system of daily standup meeting and weekly reporting by the staff
can be introduced.
⚫ Where time is of critical importance, passing on the baton has to be a
timely & smooth operation. Preferably making a phone call to the
dependent team member will be preferred. In other cases, messaging
through app or email can be considered. Further if a complicated message
is to be passed, then a verbal explanation may expedite the matter.
⚫ Further communication with clients has to be in writing as far as possible.
For formal engagements modes of communication should be approved
under laws. Email is a valid mode under the Information Technology Act.
6.7. Backup:
⚫ Data on the host machine has to be backed up daily, even if the office is
closed. Data backup can be on NAS, another PC or remote location.
Automatic backup should be scheduled at a designated time, preferable
after end of day timings. These can be incremental backups.
⚫ Once a month or quarterly, complete backups should be made with copies
stored at a remote location.
⚫ Backup on employees’ machines can also be done either on host machine
or on cloud storage. If there is no backup power supply for PC, then backup
should be run in sync mode more frequently.
6.8. Drafting of Work From Home Policy:
The COVID-19 has changed the way people have been working. For many,
technology has been a great catalyst in keeping the work going even while
employees are away from their usual work environment. WFH will evolve
TECHNOLOGY UPGRADATION & WORK FROM HOME POLICY
MAY ‘20 Page : 45
as organisations grapple with health concerns and balances the
productivity, privacy, collaboration, data theft etc.
WFH policy has to be framed from complete fresh perspective. It has to
have flavour of both Work from Office as well as Work from Home.
Marrying regulatory aspect with the data integrity and Firm culture is the
key to framing robust WFH policy.
WFH Policy should inter-alia cover the following broad areas:
• Applicability to whom
• Approval process for availing WFH
• Conditions while working from home
• Security aspects to be borne in mind while WFH
• What tools the Firm will provide to employee who is WFH
It is advisable for Firm to have a WFH Policy drafted and communicated to
the employees so that they are aware about the obligations towards data
confidentiality, security aspects etc.
6.9. Other Important Points:
⚫ Though work from home policy is introduced, care should be taken to see
that minimum staff members are available in the office so as to handle the
emergency matters. Rotational duties can be assigned to staff for coming
to office and for doing work from home.
⚫ Peculiarities of chartered accountants work may not allow smooth
implementation of work from home policy as it may not involve standard
process for all the clients. It depends mostly on clients' work environment,
technological updation, readiness to adjust with the developments in
technology. So standardised policy framing may be a difficult job. While
framing the policies, all these possibilities are to be taken into account
while framing the policy, further once prepared, it has to be reviewed and
updated periodically.
Page : 46 MAY ‘20
PUNE CHARTERED ACCOUNTANTS ’ SOCIETY
⚫ As far as possible, guidance should be provided to the staff working from
home in respect of their seating arrangements, light arrangements, etc.
so as to avoid any associated physical problems.
⚫ Work from home policy, if implemented successfully, will lead to savings
in travel time as well as in costs. Further it will reduce the risk of being
exposed to Covid-19.
⚫ It may lead to problems in training of new articles but by way of rotation
of duties, it can be overcome.
⚫ All the staff members are not expected to have printers at their homes.
This problem needs to be tackled correctly. Then can take the print outs
while in office.
⚫ Through VPN, access can be restricted to particular files or folders or to
the records of the particular clients only.
7. REGULATORY ASPECTS:
7.1. Client Consents:
7.1.1. Data with which we deal mostly belongs to our clients. It might be
shared with us either for assurance or advisory services. In the
course of engagement, the data will be accessed by our staff. Hence,
we have to always bear in mind the fact that ownership of that data
is of the respective clients & we are handling it in fiduciary capacity.
7.1.2. If in the course of engagement, we have to share or submit the
information to third party or statutory authorities, we need to have
documented authorization from the client for doing so.
7.1.3. We might obtain a standing consent for compliance matters.
However, we must maintain intimation or approval from the client for
submission of the data we have processed.
TECHNOLOGY UPGRADATION & WORK FROM HOME POLICY
MAY ‘20 Page : 47
7.1.4. If we are sharing client data with third party like bankers, etc., then
always obtain instruction or confirmation from clients to do so.
7.1.5. In addition to data we are also entrusted with Digital Signature Token
(DSC) of our clients to be used for submissions under various
compliances. It would be preferable to obtain a standing consent from
them relating to specific submissions to be made using the DSC
token. Again, it is recommended to share the submissions /
computation of total income, TAR, etc. with the clients and get their
approval on mail for submission / uploading the same. This is to
ensure that the client should not disown or feign ignorance of the
contents of the submissions made from CA’s office. It is also pertinent
to note that IP address of the CA gets recorded with the submissions
and hence the CA cannot escape from the associated responsibilities,
in case something goes wrong.
7.1.6. Employee should be educated about the confidentiality of the Client’s
data. Firm should get the Confidentiality Agreement signed from each
employee and third party with whom it shares any Client confidential
data.
7.2. Information Technology Act 2000/2008:
An Act to provide legal recognition for Digital Transactions and to bring all
activities in computerised world and cover all types of Cyber Crimes and
Frauds, Govt. passed the IT Act in Year 2000 and substantially amended
the same in 2008. It would be important to note following important
provisions of the Act;
7.2.1. S 43A : Compensation for failure to protect data:
Where a body corporate, possessing, dealing or handling any
sensitive personal data or information in a computer resource which
it owns, controls or operates, is negligent in implementing and
maintaining reasonable security practices and procedures and
thereby causes wrongful loss or wrongful gain to any person, such
Page : 48 MAY ‘20
PUNE CHARTERED ACCOUNTANTS ’ SOCIETY
body corporate shall be liable to pay damages by way of
compensation to the person so affected.
7.2.2. S 43B Penalties and Compensation for damage to computer
and computer systems etc:
Person is liable to pay damages to the person affected, if person
without the permission of owner or any other person who is in charge
of computer systems;
a. S 43 (a) - Accesses or secures access to computer systems.
b. S 43 (b) - Downloads copies extracts the data from the system.
c. S 43 (c) - Introduces virus.
d. S 43 (d) - Damages computer systems.
e. S 43 (e) - Disrupts the computer systems.
f. S 43 ( f) - Denies access to any authorised person.
g. S 43 (g) - Provides assistance to facilitate access to any person for
any unauthorized activities.
h. S 43 (h) - Charges the services availed by any one to account of other
person by tampering the records.
i. S 43 (i) - Destroys, deletes or alters any information in computer
systems.
j. S 43 (j) - Steals, conceals, alters, destroyed any computer source
code with malafide intentions.
7.2.3. Punishments:
a. S 65 - Tampering with computer source documents. Imprisonment
upto three years and fine upto two lakhs rupees or with both.
b. S 66B - Punishment for dishonestly receiving stolen computer
resources, imprisonment upto 3 years and fine upto one lakh rupees
or both.
c. S 66C - Punishment for identity theft, imprisonment upto 3 years and
fine upto one lakh rupees or both.
TECHNOLOGY UPGRADATION & WORK FROM HOME POLICY
MAY ‘20 Page : 49
d. S 66D - Punishment for cheating by personation by using computers,
imprisonment upto 3 years and fine upto one lakh rupees.
e. S 66E - Punishment for violation of privacy, imprisonment upto 3
years or fine upto two lakhs rupees or with both.
f. S 66F - Punishment for cyber terrorism, imprisonment which may
extend for life imprisonment.
g. S 67 - First conviction with imprisonment of either description for a
term which may extend to three years and with fine which may
extend to five lakh rupees and in the event of second or subsequent
conviction with imprisonment of either description for a term which
may extend to five years and also with fine which may extend to ten
lakh rupees.
h. S 67A - First conviction with imprisonment of either description for a
term which may extend to five years and with fine which may extend
to ten lakh rupees and in the event of second or subsequent
conviction with imprisonment of either description for a term which
may extend to seven years and also with fine which may extend to
ten lakh rupees.
i. S 67B - Punishment for publishing or transmitting and material about
child pornography:
a. First conviction: Imprisonment upto 5 years and fine upto ten
lakhs rupees.
b. Second / subsequent convictions: Imprisonment upto 7 years
and fine upto ten lakhs rupees.
7.3. Copy Rights Act 1957:
7.3.1. S 63B - Knowing use of infringing copy of computer
programme to be an offence:
• Using software without licenses is non-bailable crime.
• Licenses which we obtain generally are licenses only to use as per
the terms of license. You cannot redistribute or violate any other
terms of license. Hence it is important to go through terms &
conditions of license before.
Page : 50 MAY ‘20
PUNE CHARTERED ACCOUNTANTS ’ SOCIETY
• Any person who knowingly makes use on a computer of an infringing
copy of a computer programme shall be punishable with
imprisonment for a term which shall not be less than seven days but
which may extend to three years and with fine which shall not be less
than fifty thousand rupees but which may extend to two lakh rupees
7.3.2. Power of police to seize infringing copies:
• Any police officer, not below the rank of a sub-inspector, may, if he
is satisfied that an offence under section 63 in respect of the
infringement of copyright in any work has been, is being, or is likely
to be, committed, seize without warrant, all copies of the work, and
all plates used for the purpose of making infringing copies of the
work, wherever found, and all copies and plates so seized shall, as
soon as practicable, be produced before a Magistrate.
• Any person having an interest in any copies of a work [or plates]
seized under sub-section (1) may, within fifteen days of such seizure,
make an application to the magistrate for such copies 2 [or plates]
being restored to him and the Magistrate, after hearing the applicant
and the complainant and making such further inquiry as may be
necessary, shall make such order on the application as he may deem
fit.
TECHNOLOGY UPGRADATION & WORK FROM HOME POLICY
MAY ‘20 Page : 51
ANNEXURE I
APPROXIMATE PRICES OF HARDWARE & SOFTWARE
Particulars Manufactures / Service
Providers Price Range
(INR)
- Hardware
Laptops ( i3, 4GB RAM, 500GB HDD)
Lenovo, Dell, HP 25,000 – 35,000
Laptops ( i5 & above, 8GB RAM, SSD)
Lenovo, Dell, HP 40,000 – 75,000
Desktops / All in ones ( not recommended) + web cam
Custom made, HP, Lenovo All in one
25,000 – 50,000
Server Class Machines ( with OS and RAID drive backup)
Dell, HP, Lenovo 1,00,000- 5,00,000
Firewall (Hardware only) Dell SOHO, Sophos,
SonicWall, Cisco, Quick Heal
12,500 –
1,00,000
- VPN subscriptions ( per user
basis)
SonicWall, Nord VPN, Quick
Heal (Seqrite), Sophos
2,000- 5,000
user / per year
- Antivirus ( per user/
computer basis)
Quick Heal, Kaspersky,
McAfee
500 - 5,000
Network Attached Storage
(NAS)
Synology, Western Digital,
QNap
20,000 –
1,00,000
- Softwares
Server Windows 2019 Essentials 41,000
Operating Systems - PC Windows , Linux, MacOS free – 50,000
Office suites - per user basis (with / without cloud storage)
Microsoft Office, Google Suite
1,500 – 12,000 Pu/py
Libre Office Free
Cloud Storage Microsoft Onedrive, Google
Suite, AWS, Dropbox
1,300 – 10,000
per year
Remote Desktop Management Microsoft, Teamviewer, Anydesk
in package – 3,000 pu/py
Page : 52 MAY ‘20
PUNE CHARTERED ACCOUNTANTS ’ SOCIETY
ANNEXURE II
SOME FREE UTILITY SOFTWARES FOR USE IN OFFICE:
Software
Name
Website Particulars
Wiztree https://bulkimagedow
nloader.com/
WizTree is a hard drive disk space analyser
similar to WinDirStat but is MUCH faster.
ShareX https://getsharex.co
m/
ShareX is a free and open source program that
lets you capture or record any area of your
screen and share it with a single press of a key.
It also allows uploading images, text or other
types of files to over 80 supported destinations
you can choose from.
OBS Studio https://obsproject.co
m
Free and open source software for video
recording and live streaming.
Station https://getstation.co
m
Station is the first smart browser for busy
people. A single place for all of your web
applications. Gmail, Whatsapp, Drive, Hangout,
many others in a single window.
Wox
Launcher
http://www.wox.one A full-featured launcher, access programs and
web contents as you type. Be more productive
ever since.
DaVinci
Resolve
https://www.blackma
gicdesign.com/produc
ts/davinciresolve
DaVinci Resolve 16 is the world’s only solution
that combines professional 8K editing, color
correction, visual effects and audio post
production all in one software tool! You can
instantly move between editing, color, effects,
and audio with a single click.
GIMP https://www.gimp.org
/downloads/
It is a program for such tasks as photo
retouching, image composition and image
authoring.
Handbrake https://handbrake.fr HandBrake is a tool for converting video from
nearly any format to a selection of modern,
widely supported codecs.
Ditto
Clipboard
https://www.microsof
t.com/en-us/p/ditto-
clipboard/9nblggh3zbj
q?activetab=pivot:ov
erviewtab
Ditto is an extension to the standard windows
clipboard. It saves each item placed on the
clipboard allowing you access to any of those
items at a later time. Ditto allows you to save
any type of information that can be put on the
clipboard, text, images, html, custom formats.
Grammarly
for Microsoft
Edge
https://www.microsof
t.com/en-
us/p/grammarly-for-
microsoft-
edge/9p59wxtbhzzm?
activetab=pivot%3Ao
verviewtab
Enhance your written communication
everywhere you type!
Print Friendly
https://chrome.googl
e.com/webstore/detai
l/print-friendly-
Print Friendly removes ads, navigation and junk
before your print. Pages are optimized for the
ultimate print reading experience.
TECHNOLOGY UPGRADATION & WORK FROM HOME POLICY
MAY ‘20 Page : 53
pdf/ohlencieiipomman
npdfcmfdpjjmeolj
Snapdrop snapdrop.net Transfer files between PCs/Android/Mac/etc. on
local network. Open portal on both devices to
discover.
Everything https://www.voidtools
.com/
Locate files and folders by name instantly.
TreeSize https://www.jam-
software.com/treesize
_free
Disk space management with TreeSize Free is
intuitive, easy and free.
Ninite https://ninite.com/ Install and Update All Your Programs at Once.
Chocolatey https://chocolatey.or
g/
Chocolatey is a software management solution
unlike anything else you've ever experienced on
Windows. Chocolatey brings the concepts of
true package management to allow you to
version things, manage dependencies and
installation order, better inventory
management, and other features.
X-Mouse
Button
Control
https://www.highrez.
co.uk/downloads/XMo
useButtonControl.htm
allows you to create application and window
specific profiles. This in turn, allows you to re-
configure your mouse behaviour for individual
applications or windows. For each profile you
can also configure up to 10 'layers' of different
button configurations which you can switch
between using hot-keys or mouse buttons.
ClipClip https://clipclip.com/ Clipboard Manager
ClipBoard
Fusion
https://www.clipboar
dfusion.com/
Clipboard Manager
ClipBoard
Master
https://www.clipboar
dmaster.com/
Clipboard Manager
******