Cyber Attacks: When Not If

In 2018, cyber attacks targeting employee data increased both in number and in sophistication. In response, employers need robust, multilayered security systems in place to guard against attacks and their repercussions.

It is no longer just an isolated problem, many would say it’s a pandemic. Organisations on a daily basis are finding themselves victims of various phishing schemes or attempts to extract sensitive data from their organisation.

These perpetrators are very, very determined. They have patience. They’re willing to keep trying again and again. And the sad thing is they’re becoming very successful at finding the weak points.

As cyber-criminals broaden their entry points into organisations, the scope of who may be considered culpable in the wake of a successful attack may widen too. Security is no longer solely I.T.’s problem because if there is a data breach, and if that data breach occurred in payroll, you’re going to be sitting in front of an officer answering tough questions.

Business owners also could face legal repercussions. In the coming years, there’s going to be more legislation geared towards protecting consumers and taxpayers against organisations that have poor security protocols in place.

What Can Employers Do?

When determining protection against a cyber attack, employers should know it is a matter of when not if an attack will occur.

The objective is to deter the criminals. Make it hard. Make it frustrating. To some extent, make it not worth their while to keep trying to find a back door.

People are the weakest link when it comes to data security. To mitigate that risk, employers should have a written security protocol that is reviewed annually. Employees should receive annual training to ensure they remain compliant.

It’s A Multi-Pronged Defence

Additionally, employers should limit the number of personal devices that connect to the company’s network. An iPod, mobile phone, USB flash drive or camera could introduce a virus to the employer’s network.

An internal hotline that allows employees to report any suspicious activity they see may also be helpful. Thirty-eight per cent of targeted attacks in 2018 were caused by malicious actions of employees.

Employers should also research the vendors and third-party providers they hire.

When assessing risks, employers should ask about data storage, who may access it, how securely are stored and for how long.

Employers also should ensure that endpoint protection is used to its fullest capability. Cybersecurity monitoring services and insurance may be worth considering as a whole.

Programs like those are expensive but should be weighed against the cost of a potential breach. As a business owner, or even a university or a health care facility, what is the cost if you have a major data breach? For some organisations, it will shut you down. And the damage to your reputation may be worth more than any monetary figure.

Always better safe than sorry!

Aurion software is regularly audited, screened and tested for security holes. Our expert legal and security team work tirelessly to ensure the date entrusted within Aurion is totally safe. Looking for a payroll provider who puts security as its number one priority? You’ve found it.

Keep up-to-date with more articles like this

Subscribe to our eNewsletter

Improving Your Financial Year Forecasting

Day one of the new financial year begins working on a financial forecast for the year to come. Budgeting and forecasting allow us at Aurion to accurately plan for the fiscal year, with no surprises (well, no big ones anyway).

(more…)

Seven Payroll Myths Busted!

Watching Mythbusters this weekend got me thinking, what are some common Payroll myths perpetuated? What’s fact and what’s fiction? Chances are you’ve heard a few of these before. Today, I’ll separate the truth from the lie, the factuality from the fallacy, the wrong from the right! Here are eight payroll myths that need busting!

(more…)

Single Touch Payroll Update – October 2017

Single Touch Payroll Update – October 2017

At the recent Australia Business Software Industry Association (ABSIA) Forum, Aurion joined other key industry stakeholders to discuss the Single Touch Payroll (STP) rollout to all employers across Australia.

What is Single Touch Payroll?

Single Touch Payroll (STP) is an ATO reporting initiative designed to provide simpler, lower cost options for reporting payroll activity. The STP initiative delivers a new reporting standard to streamline existing PAYG, Superannuation and Tax reporting, which the ATO hopes will introduce efficiency and improvements for all employers, including simplified interaction with the ATO, reduce time spent on compliance activities and adoption of best practice processing.

STP requires that when employers pay their staff, the employees’ salary or wages and PAYG withholding amounts are automatically reported to the ATO as part of payroll processing. Under STP legislation, employers with 20 employees or more will be able to start reporting to the ATO through Single Touch Payroll from 1 July 2018. Employers with fewer than 20 employees must start reporting from 1 July 2019.

When do I need to be preparing for STP?

As an employer, you should have assessed your readiness for STP – tools like the Aurion STP Checklist can assist you to understand your obligations and activities you need to complete to comply with STP Requirements.

You must be using STP compliant software to manage payroll processing, produce data required to be sent to the ATO in an electronic format for transmission, and send the data to the ATO electronically via the ATO Gateway. Your existing payroll software may do all, or some, of these things. Specific information is included in the checklist. Employers are encouraged to check with their payroll solution and service providers to ensure compliance before 1 July 2018.

Aurion is committed to providing simple and automated solution for full STP compliance – contact Aurion for more information about our STP solutions for new and existing customers.

The introduction of STP means that payroll software providers will need to develop new reporting outputs and tools to produce STP reporting as part of pay run processing. For employers, this will mean extra processing steps when processing payroll.

If you have not assessed your readiness for STP, or if you do not have a plan for STP readiness, you should do so immediately. STP will require a period of system configuration and testing before the compliance date – only 8 months away.

Aurion’s Preparation for STP

Aurion have been heavily involved in consultative processes with the ATO – our STP compliant software solutions and services are currently in testing with the ATO, followed by our key customer pilot program commencing shortly. We will be delivering STP software updates progressively from October to allow customers sufficient time for extensive testing ahead of the compliance date.

Our customer education activities are also starting from mid-October. Aurion will release multiple tools to assist customers with their STP transition – including an STP checklist.

The ATO are also commencing employer education sessions in 2017, progressing from large employers to different employer groups in staged tranches. The ATO will be contacting employers progressively during November – if you do not receive information from the ATO you should contact them directly.

Aurion will be collaborating with the ATO to deliver a series of webinars about STP readiness during November. Register your interest in attending one of these FREE webinars.

At Aurion, we are committed to assisting all employers to comply with STP – as we progress towards the compliance date we will provide more frequent updates and information.

2018-05-08T14:28:24+00:00 Tags: , , |