With cyber attacks making headlines almost every day, it’s not a matter of “if” you will be breached but “when.”
Every AR transaction could expose gaps in your security that open your customer and financial data to hackers. Your chances of a breach also increase if you don’t know what payment systems all of your locations are using to process customer financial data. If your IT team isn’t aware of a system, they won’t be able to ensure that your financial data is secure.
"20% of finance professionals said that their company was hit with a business email compromise attack."
– TD Bank
Human error also causes a number of breaches. AR employees may store customer credit card information in an unlocked Excel spreadsheet and then carry it around on their laptop. If the laptop gets stolen, your customer data is at risk. Or an employee may accidentally open a malicious attachment and give a hacker access to your network.
The costs of a data breach are high. According to IBM, the average cost of a data breach is $3.86 million - up 6.4 percent from one year ago. These costs include everything from technical investigations to lost business and brand damage.
Finance and accounting teams are risk adverse by nature and may not want to make the changes that are necessary to address these challenges. But in today’s world, not doing anything isn’t the safe option.
Thankfully there are industry standards in place to ensure CFOs partner with the right solutions provider, including:
- PCI DSS The Payment Card Industry Data Security Standard is a set of security standards designed to ensure that all companies that accept, process, store, or transmit credit card information maintain a secure environment.
- SOC1 Also known as SSAE 16 / ISAE 3402 / CSAE 3416, Service Organization Controls (SOC) 1 is a series of accounting reports undertaken by a service auditor. SOC1 evaluates the internal controls at a service organization when they are likely to be relevant to their customers’ internal control over financial reporting.
- SOC2 The SOC2 audit is an independent review of an organization’s controls that provides a definitive security assurance to help IT teams evaluate managed service providers.
To learn more about the challenges preventing Wholesale Distributors from achieving financial goals, grab a copy of our ebook.