SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
How organisations can reduce security and compliance risks when working remotely
Wed, 22nd Nov 2023

The shift to hybrid and remote working models, paired with the rise in cyberattacks, has highlighted the need for organisations to evolve and improve their financial reporting from costly and insecure legacy technology systems to reduce the risk of a data breach or other compromise.

While most organisations understand that automating manual processes improves efficiencies, the complexity of migrating data from legacy systems to more secure automated technologies can initially deter them from taking the leap. These systems are rapidly creating security and compliance issues in the new digital economy because they can be compromised easily and are prone to errors and duplication in financial reporting.

This heavily increases operational risks for organisations, as the lack of control means that errors may not be caught, and decisions may be based on inaccurate information, negatively impacting business performance. It also broadens the cyberattack surface for organisations by providing additional points of entry for data breaches.

Ultimately, the financial, operational, and reputational costs associated with security breaches and non-compliance caused by legacy systems go far beyond the cost and complexity of digital transformation. 

As hybrid and remote working models remain in place, they reveal previously unconsidered security gaps in organisations. Sensitive data is no longer confined behind network firewalls and well-defined perimeters. Employees and their organisations are now at much greater risk of data breaches through means such as business email compromise, weak passwords, or a lack of multi-factor authentication. In many cases, the greatest threat is to the organisation’s finance function, considering that finance is at the heart of business operations.

Employees are either unable to access legacy systems remotely or are accessing cloud-based systems using unsecured home networks and devices. Either option presents an unacceptable risk; however, businesses must find the right balance between the two, avoiding overly strict cybersecurity policies and tools that would prevent employees from working effectively. 

Both government and private businesses can mitigate these risks by focusing on protecting data both in transit and at rest. 

A solution to this issue is cloud-based, automated tools that can be easily transitioned into legacy infrastructure and deliver almost immediate results in streamlining workflows while reducing the risk of errors, fraud, data breaches and, ultimately, non-compliance. Cloud-based solutions provide employees with access to the software they need to work regardless of location; however, it is vital that the right platforms are implemented so that employees can easily access essential systems without compromising information security.

Using purpose-built, cloud-based, automated tools can dramatically improve efficiency and reduce errors. For example, automated travel, expense, and invoice management solutions provide a secure, streamlined workflow for both the finance team and employees across the organisation, no matter where they are physically located. These tools can work with legacy systems and give employees the freedom and flexibility to work where they want, when they want and how they want. When paired with a strong, considered security strategy, cloud solutions enhance the employee experience, improve productivity, reduce the risk of errors, promote business growth, and help organisations maintain compliance.