Thieves from inside and outside a company can gain easier access to an organization's records and finances if insufficient database security protocols are in effect, according to Dark Reading.
A spate of data breaches in early 2011 proved that even large corporations such as Sony, Citibank, and Epsilon aren't safe from hackers. In those cases, the infiltrators were looking to obtain customers' personal information, such as addresses and credit card numbers. However, if left unprotected, databases of financial data can also be exposed.
Giving too many access privileges to business managers, accountants, and the like can pose a risk to a company from the inside.
"A user with excessive privileges in the accounts payable department can create a false company, send payments to the false company, and then delete any record of the company in order to cover their tracks," Alex Rothacker, manager of Application Security's Team SHATTER research unit, told the news source.
If fund misappropriation does occur, conducting accounts payable audits can help to quickly identify it. However, establishing a system of checks and balances and ensuring the adequate security measures are in place can prevent embezzlement from occurring in the first place.