Data security: A 12-point checklist for Finance
With all the hacks, breaches and other tech threats you face today, data security is a pressing, persistent aspect of your job.
In fact, 70% of companies say cybersecurity risks are a top concern now, reports security provider TROY Group. And it’s especially vital for Finance, since data security issues can lead to big informational and financial losses.
If sensitive data is compromised, your company could face high recovery costs, plummets in productivity, damaged business relationships or even legal issues.
That’s why finance teams, led by proactive CFOs, are stepping up. They’re rethinking policies, boosting internal controls and investing in new technology.
It’s not easy …
Of course, companies have the best intentions when it comes to tackling data security. But with so many potential risks, it can be hard to create an all-encompassing approach.
Finance may do a great job securing its vendor portal … but accidentally leave some employee data exposed. Or, it may upgrade to new technology … but forget to purge old systems.
Little things can get overlooked. Tiny vulnerabilities creep in.
A general assessment
To ensure nothing’s overlooked at your company, use this data security checklist from Doc-it to see, generally, where you stand. Items you leave unchecked represent potential risk areas worth addressing ASAP:
- We have policies for where and how data must be stored.
- Access to employee, vendor or other sensitive data is gated (i.e., password protected).
- Our systems back up data regularly (e.g., on a daily basis).
- We have an up-to-date disaster recovery plan.
- Data is scrubbed from retired technology (e.g., computers, smartphones).
- Our company sets (and enforces) retention period policies for files.
- Employees promptly destroy all files past their retention period.
- We don’t exchange sensitive files via email, or we encrypt emails.
- Our company set standards for email archiving, retrieval and retention.
- Employees don’t transport files via CDs, DVDs or USB flash drives.
- We secure and consistently use any active online repository or portal for employees/vendors.
- Employees don’t use public Wi-Fi to connect to company networks.
Addressing the specifics
As mentioned, the list above is not exhaustive. Essentially, it’s a starting point to evaluate your position and get your team thinking.
You can go a step further by having each finance function develop its own list of security risks. For example, A/P may address vendor TINs and banking details. Payroll may think more about employee SSNs and pay records.
With this input, you can ensure each finance function’s data security risks get just as much attention as general business security concerns.
Free Training & Resources
White Papers
Provided by UJET
Further Reading
The Advanced Filter in Excel transforms routine data tasks into powerful analysis — perfect for finance, accounting, or anyone managi...
Excel is great for summarizing data in tables, charts and PivotTables. Here are a couple of time-saving methods for summarizing data in ...
Dashboards offer a fast way to monitor key performance indicators (KPIs). By using Excel’s Form Controls, you can make dashboards interac...
For finance professionals, data integrity is the cornerstone of every spreadsheet. Whether you are managing a budgeting template or a compl...
Spreadsheets are the backbone of financial reporting, forecasting, and day-to-day analysis. But their flexibility comes with a trade-off: e...
Failed B2B payments can be disruptive in areas beyond cash flow. For instance, if your bank has to repeatedly put in extra work to process ...