We often speak about one version of the truth. All data in one place with complete visibility of everything going on in the business. Authorisation processes for payments, purchases and alike all within one system.
An article posted on the BBC News Website this morning talks about “CEO fraud” where fraudsters create a fake email account in the name of the company’s CEO and wait for them to post on social media that they are on holiday. Then strike to email the CFO to pay a new supplier £100,000 or so. Not wanting to encroach on the CEO’s holiday any further the payment is made. Ultimately costing the CFO his job upon his bosses return and the business a lot of money!
The FBI believe that 22,000 firms and organisations around the world have lost more than $3bn (£2.4bn) over the last three years. A worrying statistic that could affect your business if vigilance and process isn’t brought into place.
The fraud plays upon the human nature of not wanting to interrupt a colleague’s holiday. We all know that feeling of guilt when sending a work related text, email or call to a colleague enjoying some time away with family or friends.
So how can we protect against this? If emails are able to be cloned to look legitimate how can we be safe and outsmart the people who leave a rather nasty taste in the mouth after what should be a relaxing time for senior managers.
Email no longer gives one version of the truth. So what tools do exist? Let’s focus for now on Sage Live and how this could help your business. Internal communications are one of the strongest functions. Using Salesforce’s chatter function we can tie all of our communications into one place on the system.
So that covers the conversation, but what happens if the email still comes in and my colleague processes said transaction without thinking?
So my colleague has set up the payment, he then presses submit for approval. Karan can then send me a chatter message and use the workflow in Salesforce and Sage Live to send me a message. This will send me an email to show I have a message which will also pop up on my Salesforce/ Sage Live app on my phone.
If I have asked my colleage to do this, I simply pop into my app and authorise the process. If I havent, alarm bells are ringing. I phone or even use chatter to get hold of Karan to stop this payment being made. I have full control over this kind of thing happening in my business.
I may be disgruntled that a breach of my email security has occurred but I can sort that upon my return. Enjoying the remainder of my holiday. Knowing that I havent just lost a large amount of money.
The other side is, if I have asked a payment to be made. It was done in seconds and enabled me to continue my holiday in peace.
Having one version of the truth is an important factor in business. Even more so with cyber security being high on the list.
Is your business as secure as you think it is? Do you have internal processes which you could drive a bus through? Are you going on holiday any time soon? Worth considering if it's time to ensure your business is safe!
At Acuity we have just moved our business into the Salesforce platform, so we’re in a good place to advise you!