You know what gives us the heebie-jeebies? Just thinking about how many people are on payroll. That’s right: We are talking about all those payroll accounts, with all their sensitive information floating around in the ether.
The data that payroll systems handle is often highly sensitive, and if it’s not protected, you could have some serious problems on your hands.
In recent weeks, we’ve heard of a dramatic increase in cyber-attacks and data breaches across the world, from telecommunications to technology and marketing automation organisations. Not to forget Medibank.
Unfortunately, Accountants are not spared as there have also been reports of a spike in hackers lodging fake tax returns and superannuation claims.
Payroll data security is a big deal.
KeyPay is one of Australia’s fast-growing cloud-based workforce management and payroll platforms. We spoke to Phil Bernie, the co-founder of KeyPay about Payroll cyber security amidst rapidly accelerating digital transformation. Here are the key points of our Q&A with Phil.
ITVibes: In the past, it was fairly reasonable to assume that payroll was a low-risk area for your business. What has changed in the recent past?
KeyPay: I don’t actually think payroll was a low risk area, I think that was just a perception. In fact, I think it’s been one of the most underrated high risk areas. We’ve all heard stories of salary spreadsheets being accessed on the corporate intranet by staff who shouldn’t have had access or personal information sent to the wrong email address.
The system that stores this information is often identified as the root cause, but these systems are being used because legacy payroll systems weren’t designed to handle modern business requirements.
The biggest change in recent years has been the move to cloud systems, which could be seen as risky, but the reality is they’re designed with security front and centre and often enforce things like multi-factor authentication, audit logs and much tighter access controls on data
ITVibes: So has the move to the Cloud helped payroll software security? Or has digital transformation made it complex due to the myriad systems and integration challenges?
KeyPay: I don’t think digital transformation has increased complexity, I think the sophistication of attacks by cyber criminals has meant payroll providers need to be a lot more vigilant in ensuring the security of their systems.
In many ways, Digital transformation has made security less complex because there’s a lot more awareness and the standards that are expected are becoming a lot more uniform across the industry
Related read: Gartner Predicts 40% of Boards Will Have a Dedicated Cybersecurity Committee by 2025
ITVibes: In your view, what are the biggest threats to cloud payroll providers of today? And how should payroll providers on cloud prepare for the new challenges?
KeyPay: The biggest threats are the same as any other industry – social engineering is proving to be a lot harder to protect against than many other technical issues.
The other problem is users not taking security seriously enough – we regularly get requests from users wanting us to decrease security measures like MFA and complex passwords.
Digital transformation has made security less complex
Phil Bernie, Co-Founder KeyPay
ITVibes: It is surprising some users give more importance to convenience and ease over security. So in a world with constantly evolving cyber threats, how do you enhance security?
KeyPay: We are constantly looking at how we can improve and prevent fraud – probably the biggest thing is proactively notifying users of any potential issues before they arise – for example notifying them when bank account details change, email addresses change and other sensitive information.
ITVibes: Where do you see KeyPay in 5 years?
KeyPay: In 5 years, I’d like to see KeyPay changing the way we pay people – to date, we’ve spent a lot of time replicating payroll processes from the past, I’d like to see KeyPay re-inventing payroll that’s designed for the future of work. Whether that’s allowing employees to access wages faster or enabling employers to take a more wholistic view to employee compensation – I’d like to think how we’re paying people in 5 years will look very different to how it looks today and KeyPay will be a big part in leading that innovation
Conclusion:
Payroll system hacks are a regrettable reality for some businesses. There have been a few notable attacks in the past year. Each time, flaws in the software or practices have perhaps given hackers access to the system. The need to have robust cybersecurity safeguards in place is reinforced by KeyPay’s focus on payroll cybersecurity. To learn more on cybersecurity trends and insights, please visit the page on cybersecurity.
