As business professionals, our reliance on technology has reached new heights. Companies continue to emphasize the implementation of paperless systems and increase their use of software systems, artificial intelligence for automated data entry, big data, and cloud computing. The use of technology for simple, repetitive tasks will free up time that professionals can use for decision-making tasks. However, in order to use technology to its full potential, users must take the necessary steps to work alongside technology as well as become more informed about securing their data.
Issue: As emailing is the main form of communication among business professionals, it is important to understand the possible risks involved. Emails are one of a hacker’s favorite tools. Some common hacker techniques included phishing and malware. Phishing is when an email is received from a reputable company that entices the victim to reveal personal information such as passwords, credit card numbers, bank information, etc. Sometimes a phishing email will prompt the victim to click on a link. By clicking on the link, the hacker gained private information and potentially infected your computer with malware. Malware is a software designed to gain unauthorized access to a company’s system.
Recommendation: The first recommendation is to look out for misspelled email addresses. If an email looks out of the ordinary and the address is off by a letter or a number, there is a good possibility it is a phishing email. Secondly, users should avoid clicking on links from unknown senders. In addition, employees should get confirmation from supervisors before sending sensitive information in an email. Lastly, it is strongly suggested that companies encrypt their emails. By encrypting emails, unauthorized users are prohibited from viewing the content. The encryption may also include authentication in that users must enter a password to view attachments.
Issue: Technology continues to evolve so it is important to prioritize keeping your staff up to date on the current trends and data security practices. It only takes one person to click on an infected link for a data breach to occur. Each individual employee has to be held accountable; it is not only the IT department’s responsibility.
Recommendation: Employees should be aware of why data security is important. Trainings should occur with relatable, real-world examples. Once awareness has been raised, it is up to management to ensure that employees are trained early and often regarding data security. Training should be required on a yearly basis whether it is given through a presentation, an online training, or a signed contract. In addition, hackers are continuously coming up with new ways to get ahead of data security practices, so it is necessary take notice of current data security issues and learn from other companies’ mistakes. Some points to discuss in training sessions include strong passwords, password protected computers and external hard drives, network security, access controls, two-factor authentication, phishing, malware, viruses, data backup, and disaster recovery.
Issue: A lot of data is stored within local servers. Some of these servers may lack firewalls, anti-virus solutions, and backup systems. Therefore, companies are at risk of losing data if the server goes down, backups are lost, or perhaps a natural disaster occurs.
Recommendation: Companies should consider moving most of their data and applications to the cloud. Some benefits of this include continuous backup in multiple locations, increased flexibility with access to data at any time in any place needing only an internet connection, and in most cases, using the cloud is less expensive. The cloud is constantly being updated for increased protection and functionality. Lastly, users see increased collaboration as information is shared in real time.
Utilization of Accounting Systems
Issue: With software available for nearly every aspect of running a business, many users still default to using Microsoft Excel. In doing so, data and documents are stored in different places in which it is difficult to envision the whole picture. In addition, by not having integrated systems (e.g., payroll and accounting) and by not using your accounting software to its fullest potential, you run the risk of manual errors being made, incorrect formulas, or misinformation.
Recommendation: An Enterprise Resource Planning System (ERP System) is an integrated software designed to manage all business operations within a company. This includes physical assets, financial data, materials, and human resources. Implementing an integrated system rather than using separate excel spreadsheets eliminates redundant tasks through automation. The data is centralized in one location for interdepartmental collaboration. In addition, ERP systems aid in creating a paperless environment. Like cloud computing, an integrated system allows for flexible access and secures data through built-in firewalls. ERP systems also reduce the level of redundancy in entering data and the level of potential errors that can occur. This has the ability to save both time and money.
Issue: Social media is the largest platform to build brand awareness. Yet, companies fail to leverage this opportunity to gain followers and interact with their customers.
Recommendation: Companies should consider marketing their business through Facebook, Twitter, LinkedIn, Instagram, and any other social media platforms with a large audience. Using social media is an effective way to gain customer insight and listen to customer feedback. The interaction of customers around your brand will generate conversation and word of mouth followers. Interesting content on social media pages can also help increase inbound traffic to your company’s website by providing links to the specific products and services that are advertised or questions about services if you show a certain level of expertise or insight within a field.
Technology, if used correctly can help increase efficiencies within your company, which can help drop more dollars to your bottom line, however, technology needs to be constantly monitored to ensure safety. Even so, technology is only as good as your staff that is using it, so it is important that your staff are appropriately informed about issues and are educated on how to get the most out of the investment you have made in your company’s technology.
Jaclyn is a member of Cerini & Associates’ senior audit staff where she works with our nonprofit clients. She has experience in external auditing, including financial statement audits and pension plan audits. Jaclyn’s knowledge and experience allow her to provide specific services including systems testing and analysis, internal and external audit functions, nonprofit tax return preparation, and bookkeeping. Jaclyn is also involved in the marketing and development of the firm, contributing to the firm’s newsletter publications.