Fintech is one of hottest areas in high-tech today because it allows companies to save money, improve operations, and increase the level of job satisfaction in their workforce. When companies automate mundane and repetitive functions such as payroll, book-keeping, and invoicing, the workers previously forced to do them manually are freed to do tasks that add strategic value to the company – and are more engaging for the workers.
Meanwhile, the automation bots taking over those tasks improve overall workforce efficiency because they work faster and eliminate human error. When it’s done well, it is a win for everyone involved.
The problem, however, is that automation is still something new in the workforce, especially when it comes to protecting the sensitive data being processed by the bots. Many companies could be under the mistaken assumption that if no human hands are involved in processing the data and no mistakes are made by the bots doing the work, there is no concern about cyber security. While it’s true that the “no touch” element of automation reduces some security risks, it does not eliminate a host of others.
Many companies are leaving openings for cyber-criminals though small actions that could end up having significant consequences. The following tips can help close the gaps to avoid problems in the future.
1. Using Email to Transfer Personal Data
With data moving so effortlessly through software bots automating payroll, it’s easy to get lolled into a sense of false confidence and lose track of data privacy and security. First and foremost, there is the enormous amount of money being paid to workers – the single largest expense for any company. That cash is a major target for hackers and major breaches continue to happen.
Email is a major culprit in making data vulnerable. In a context where people consistently send sensitive data back and forth by email, it’s practically an invitation for hackers to create fake pages that look like emails from accountants. In a busy time, like during tax season, those fake pages can pass unnoticed and allow Internet thieves access to accounts. Security breaches of that sort are highly avoidable – when people realize the risks involved.
Fintech companies are beginning to tackle this payroll problem. Automated systems on a stable and secure platform, accessed from the cloud, that stay out of the sight of cyber criminals, can’t be replicated, and enable communication without the risk of a data breach are bringing payroll cycles into the 21C.
2. Too Many People Granted Data Access
One of the most common forms of automation today is known as robotic process automation (RPA), which is essentially a software robot capable of mimicking human actions. Unlike Artificial Intelligence, RPA bots are not able to mimic human thought. That makes them much cheaper to purchase and easier to install and use.
RPA bots have made a process like book-keeping more efficient and more reliable. However, as a tech solution, the process is often run out of an IT department rather than through Finance. As a result, there are many more people with access to information that would otherwise be limited to a very small number of people. Each of those people pose a threat to data security even if they never access the data intentionally. No chief data security officer would ever sanction granting access to people without a good reason for them to have it.
The simple solution is for Finance to step in and keep track of exactly who should be allowed to see the data and why. Technical issues can be handled by IT without the need for them to have access to the data collected by the bots. All of the maintenance can be handled entirely without data access.
3. Failing to Install Security Updates
In some ways, cyber-security is an elaborate game of cat-and-mouse between the good guys trying to keep their data safe and private, and the bad guys trying to steal the data and use it to for profit. The good guys build secure walls, and the bad guys work to get past them.
Fintech is no exception. In fact, financial institutions are some of the most attractive targets. Sometimes the bad guys succeed. They find a vulnerability and manage to breach an area that had once been considered safe. When that happens, the cyber-security community has to scramble to seal the hole. In most cases, that means sending out alerts to their clients. Those clients remain vulnerable until those patches and seals are installed.
The problem is that many companies either work without an in-house IT presence that is ready to respond quickly and efficiently, or their IT department is so thin and over-worked that the task falls through the cracks.
Companies that increase their level of dependence on technology have to realize that security is not something that they install protecting them for life. In fact, it’s exactly the opposite. It is an ongoing process that requires their constant attention.
This is an article provided by our partners network. It might not necessarily reflect the views or opinions of our editorial team and management.
Founder Dinis Guarda
IntelligentHQ Your New Business Network.
IntelligentHQ is a Business network and an expert source for finance, capital markets and intelligence for thousands of global business professionals, startups, and companies.
We exist at the point of intersection between technology, social media, finance and innovation.
IntelligentHQ leverages innovation and scale of social digital technology, analytics, news and distribution to create an unparalleled, full digital medium and social business network spectrum.
IntelligentHQ is working hard, to become a trusted, and indispensable source of business news and analytics, within financial services and its associated supply chains and ecosystems.