Financial software used for company accounting services has a ‘core competency’ i.e. it is good at providing accounts and billing services. Although big brand financial software in and of itself is generally pretty sound, we need to be wary of exactly how much strength and robustness we ascribe to it.
A good financial software application package or suite may well be ‘robust’ in software terms i.e. it will not crash unexpectedly without warning just as a user is inputting data. But robust and secure have two different meanings in information technology as you will know, so we need to draw a line around the perimeter of our financial applications and assess business security risks from that point outward.
Even the most established financial software brands do not act as security protection layers for your small to medium sized business. It is important to make this distinction and provide appropriate levels of security protection and back up for your financial accounts.
Financial bulls eye
For many perpetrators of malware, a company’s financial assets represent the bull’s eye on the dart board of data breach. Being able to compromise a firm’s financial information can lead to bank account hacking, or the information can be used to analyse customer and partner relationships and billing levels. This is one step away from financial cyber espionage and, globally, this is a growing trend.
Remember, although you may feel that you “only” operate a small to medium sized business, this is low hanging fruit for hackers who might find deeper levels of security protection stopping them from attacking banks and larger enterprises.
Money is money and if it’s a numbers game that has to be played to aggregate data from more than one SMB, then computer systems are very good at automation and they can be programmed to do much of the back breaking work when required.
What we want to advocate here is a level of parallel thinking. That is to say: when a business thinks about human resources and employees, it should think about supporting recruitment services; when a business thinks about new business initiatives, it should think about management consultancy services; and when a business thinks about electronic finance and accountancy software, it should think about data security.
With this kind of approach on board, a company can assure its stakeholders that it has mitigated against the risk of financial loss and ensure that it will be trading for the long term. Continuity and business security mean everything in the modern economy, so keeping malware out of your financial systems is as important as keeping spam and viral infections out of your employees’ email accounts.
Customers, partners, industry peers and even competitors will be acutely aware of companies that do not appear to present ‘safely secured’ financial systems and, generally speaking, will quickly turn away in favour of other options.
So to put it succinctly and simply, running any sized business without information security controls, anti virus protection and data privacy policies is foolhardy to say the least. This is a case of both corporate ‘assurance’ and ‘insurance’ alike, even for sole traders and partnerships that want to be taken seriously, so please don’t get caught out.