An IDC report found that public cloud software will account for nearly 95% of technology in the business compared to on premise software by 2021. As the demand for cloud-based travel and expense (T&E) applications quickly outpaces on-premise offerings, security is top of mind for many businesses.
The cloud can ensure your data is more secure, but reviewing the security behind the cloud-offering should be a top priority for companies that are considering this move as part of an expense or AP automation project.
According to the government’s Cyber Security Breaches Survey, around a third (32%) of businesses and two in ten charities (22%) report having cybersecurity breaches or attacks in the past year. A recent podcast we ran with AccountingWEB, (A confluence of culture and tech: The best approach to cybersecurity) covered this very topic in more detail.
Data security is therefore an element that cannot be compromised and yet for some companies, security can take a back seat in the overall review process. Deploying cloud or software-as-a-service (SAAS) options without engaging IT or other relevant internal teams could be exposing the business, and employee information, to risk as a result.
This can be easily avoided though. Below is a key checklist for you to use when conducting these reviews:
- Compliance: Ensure solutions are audited regularly (internally and externally) for compliance with applicable global standards for security and service management. Ask what types of audits and scans are undertaken and how often these occur.
- Data Protection: It’s key to check that safeguards for personal data protection are in place. Who has access to the data, where is your client data stored? If the offering in question has web and mobile capabilities, then ensure security questions are covered for all devices.
- Privacy: Ensure the policies and practices follow relevant privacy laws. The European Union General Data Protection Regulation (GDPR) is an example of a privacy law that’s taken centre stage in Europe. However, if your business is located internationally then ensure this is considered and covered.
- Data Location: It goes without saying that it’s your business/employee data, so ensure you know where it’s going to be located. It’s key to have a high-availability architecture with no single point of failure. Are there multiple data centre facilities and what procedures and backups are in place in case of fall-over?
In today’s business landscape 95% of CFOs consider cloud-based applications as critically or very important to successful financial performance (source: PwC), so ensure you are having these conversations with the companies you are engaging with to keep security at the forefront of your review.Working with an established and reputable company that has experience in applying the correct security standards and procedures can give you much needed peace of mind. Visit https://www.concur.co.uk/data-security to find out more about the SAP Concur Trust Platform.