Unauthorized financial activities and Segregation of Duties violations by insiders represent the most dangerous threats in your security landscape. Organizations lose at minimum 5% of annual revenue to various forms of fraud*. Enterprise systems are not the only source of fraud but can be the “low-hanging fruit”. Control mechanisms including SoD that rely on knowledge-based security (passwords) are easily circumvented by password “borrowing”. The resulting unauthorized financial manipulations can lead not only to financial loss, but also to other undesirable outcomes such as money-laundering, invoice tampering, procurement fraud, data loss or even regulatory violations such as Sarbanes-Oxley.
Key threat vectors include:
- Procure-to-Pay Cycle
- Electronic Movement of Funds
- Fraudulent Accounting Entries
- Segregation-of-Duties (SoD)
- Regulatory (i.e. Sarbanes-Oxley)
Only upgraded Identity Management of users via biometrically activated profiles and credentials can overcome the security gaps that password-based security cannot.
*Association of Certified Fraud Examiners
Related Case Studies
