Access to your company’s financial information shouldn’t be openly available across your organization. Part of implementing a system of controls is restricting access to specific personnel and establishing a hierarchy for who is in charge of what when it comes to handling your finances, invoicing, and billing processes. In addition to providing specific allowances for your employees, you need to ensure that access to your data, files, and networks is secure and specialized for each employee.
Just like you take steps to safeguard access to your personal bank accounts, you need to make sure you follow industry best practices for access to your business’s sensitive data. These practices include:
Individual User Names and Passwords
Each and every one of your employees needs to have a dedicated user name and password for access to data systems in your company. From a fraud standpoint, it is much easier to narrow down a bad transaction or a questionable purchase if it is logged under one specific user’s name versus a generic account name such as “marketing” or “sales” or even “bookkeeping.” If more than one employee has access under one user name account, it makes it much easier to siphon off cash while deflecting the blame among other employees who also access the system using the same credentials.
Additionally, some states require businesses to change passwords at regular intervals for security purposes. When each user has an individual name and password, it is much easier to update passwords than to go through generic name accounts, manually change the passwords, and then notify the employees using those accounts of the change.
Separate Levels of User Access
The owner of an organization should not have the same level of access as an entry-level data clerk. For some systems such as digital archives or employee information, access is only needed for a few specific individuals. Other systems should provide access to employees with specific rights and functions, instead of giving them an all-access pass. One such system is your bookkeeping software. In QuickBooks, for example, you can set up user access so that high-level employees can add, edit, or delete entries while other employees can simply view the log and not be able to modify the data. Not only do differing levels of access among your employees reduce the risk of fraud, they also ensure that an employee doesn’t accidentally delete or corrupt data files.
Safeguarding “Administrator” Privilege
Never let your employees log in as administrator. Administrators have access to all systems in your infrastructure and can make high-level changes to your networks, financial software, and data files. The administrator password should be known only by the business owner and possibly one other C-level executive at your company (such as the controller or CFO). If your employees log in as administrator, they can accidentally make high-level changes that restrict access or corrupt your data. Or they can make fraudulent transactions that can’t be traced back to a specific user, because the activity is logged as the “administrator.”
Every business is different, each with its own systems and ways of doing things on a day-to-day basis. However, taking precautions to secure access to data and financial information can help prevent fraudulent activities from happening inside any organization.
The post Preventing Business Fraud: Network Access Best Practices appeared first on GrowthForce.
