By Brennen Schmidt
ALEUS Technology Group
and Allan Bonner
Troy Media columnist
Studying and working in the area of cyber security keeps us alert – and as things rapidly change, alertness is ever more important.
It was good to hear of the scanning machine that makes a digital copy of all receipts for later viewing by an offsite bookkeeper and accountant. This is the promise of new technology – making physical separation less relevant and getting rid of boxes of paper.
Better yet, this gizmo can connect with online banking, and online methods of sending and receiving credit card payments. With the inclusion of some invoices and data accessible via an online bookkeeping system, this is all that’s needed to manage the finances of many companies.
Then alertness comes into the mix. We’ve all become pretty confident about online banking. The same is true of PayPal and other ways of moving money around. But what about this scanning technology and where the data is stored? Can a hacker get into that and once in, move freely into bank accounts? Can hackers see the funds available and transfer money to themselves?
It’s a worry.
This is a real case and the worry was genuine, but just a little misplaced. A few weeks after a company set up this system, all the data appeared to be lost – a thousand scanned documents at least. The user alerted the bank and the scanning company. The bank froze accounts and the scanning company checked its security systems, but the data was indeed lost.
It turned out it was just the accountant who had advised on the setup of the system and who had improperly seized the data. It’s a mundane commercial dispute about signing a retention letter and when payment was due – not if it was due. The accountant had the power to seize the data and hold it for ransom, and did.
Most of these digital programs have free trials. At the end of the short period, the user can choose to sign on permanently for a monthly fee. This was not explained by the accountant, who signed up in his own name, not the name of his client. The accountant had control, not the client.
The scanning company’s security system didn’t include alerting both the user and the accountant to its policy. After the deletion of the data, the company said it would pursue a landmark court case to determine who owned it.
The same can happen when you retain a web designer. The designer may sign you up for a hosting service but the account could be in the designer’s name, not yours. You won’t be in control of our own website. The hosting service’s security system doesn’t include asking Company X if it wants control of a site initiated by Designer Y. In this case, there may not be anything nefarious – the designer lives abroad, is not responding to emails and may be dead. None of that matters to the hosting company – it’s the designer’s account.
The rapid growth of technologies, including blockchain, may make such issues a thing of the past. It allows for the management of transactions, ranging from supply-chain management through to many aspects of financial management. This isn’t science fiction, either. We’re seeing a rise in the use of such technologies, including the much-hyped Bitcoin cryptocurrency.
At the core of blockchain is replication. It’s the digital equivalent of the old paper-based ledger. Accountants would use pen to permanently keep a record of transactions. Ink is hard to erase and change, and a digital, permanent record is even harder.
The reason digital records are harder to change or forge is the trail – not a paper trail but a permanent digital trail. Assuming someone or something was able to change the latest version, one could always go back to compare that with one that was previously generated.
Whether an individual entry is legitimate can be checked by matching it with electronic fund transfers, paper cheques, sales contracts, bank accounts (reconciliation) or receipts for items purchased. Blockchain technology is the equivalent of ink, a permanent record. Its record of transactions includes individual time stamps and uniquely-generated identification numbers. This is very similar to a cheque number or invoice number. These likely can’t be altered or, if altered, it can be discovered that they might just be out of order.
We’ll hear more about such things as blockchain and cryptocurrencies like Bitcoin gain traction.
We may even see international trade agreements between countries enforced through this kind of technology. A not-so-distant future could see blockchain automatically put in place a retaliatory tariff or assemble a dispute resolution panel. But first, we’re likely to see it implement actual trade in goods and services, causing payments to occur before work is done or goods delivered.
We’ve seen what happens when alertness doesn’t come into the mix. It leads to a lot of unnecessary costs. It’s time to become more alert about these technologies. Now is the perfect time for all of us to start thinking about a vision of what this future will look like. It will be here soon.
But those who get ahead of the game will reap the rewards – and benefit from a competitive global advantage.
Dr. Allan Bonner, MSc, DBA, is a crisis manager based in Toronto. His forthcoming book is Cyber City Safe. Brennen Schmidt (BEd, Certiftied PR, CUA) is principal of the ALEUS Technology Group, a boutique digital communications firm in Regina.
The views, opinions and positions expressed by columnists and contributors are the author’s alone. They do not inherently or expressly reflect the views, opinions and/or positions of our publication.