We’ve all seen the headlines when yet another company gets hit by a costly spear-phishing, ransomware, malware, or other cyberattack. The attacks are so frequent and so damaging that it can feel overwhelming, especially for small and midsize businesses that lack the expert resources of larger businesses. 

According to BlackBerry, cyberattacks continue to grow in number, with small and medium businesses (SMBs) facing an average of 11 cyberthreats per day. That’s in line with Barracuda Networks’ research, which found that small businesses are three times more likely to be targeted by cybercriminals than larger companies. 

One often-overlooked area in which SMBs can exert more control over their cybersecurity risks is with their choice of enterprise resource planning (ERP) software. Let’s look at why. 

Data management and cyber risk

Imagine a sensitive piece of client data traveling through your business. Depending on your ERP solution, the data might be stored in a siloed database, which could be attacked. It could also be on a vulnerable hard drive or software application, and from there, it might be exported into a spreadsheet that is then sent as an email attachment. 

As that example illustrates, many security and compliance issues stem from manual business processes like the use of emails and locally stored spreadsheets. Sensitive data can too-easily be shared with outside contractors or posted to an internal messaging platform, taking the data outside the company’s control. 

Advantages of cloud-based ERP solutions

Advanced ERP solutions like Sage Intacct consolidate your financial information on a cloud-native platform that provides a single source of truth. Unlike on-premises ERP solutions, cloud-based solutions do not have to be maintained and updated internally, which can be a heavy lift, especially as the number, type, and severity of cyberthreats continue to increase.    

A further advantage of Sage Intacct is that it is built with granular controls for compliance and access, so different levels of information can be provided securely to different stakeholders, via personalized dashboards that display only the information workers need to do their jobs. Sage Intacct’s infrastructure also runs out of world-class data centers that are monitored 24/7/365 and provide full data recovery within 24 hours in the event of major disaster.

Learn more

Insero & Co. is a public accounting firm with decades of experience working with businesses and nonprofits of all sizes. Our experts are available to provide consulting and other remote services and can help your organization implement financial management best practices to reduce the risk and severity of cyberattacks.


About the Author: Kimberly Gangi

Kim is the head of the Outsource Accounting Services Group with over 25 years of experience in public accounting. Meet Kim >


Join our mailing list for insights and tools to help you achieve your goals delivered right to your inbox.