We’re drawing to the close of our series on preparing quality iXBRL documents, both to comply with ESEF mandate requirements as well as to enhance your company’s visibility among analysts, investors, and other stakeholders.
Our previous two articles were about choosing a tool for the audit and review of your ESEF documents. The ideal tool should allow collaborative working and be XBRL International (XII) certified. It’s good if it also integrates an XII certified validator. Further, there are tasks that the ideal tool should help you perform, for which we gave you a checklist. In the next two articles, we will talk about data security – a major concern where companies’ unpublished financial data is involved. To start with, we will revisit the old debate about cloud-based solutions versus on-premise solutions.
Cloud-based vs. on-premise solution – What’s more secure?
A cloud-based solution is one that is hosted by a third-party application provider in a secure online environment, with a company only having to rent access to the environment. An on-premises solution, on the other hand, is one that is hosted on in-house servers, with companies having to bear the costs of managing and maintaining the solution.
While both cloud and on-premises hosting options have their pros and cons, the theory that on-premises solutions are more secure by comparison is an oversimplification, and not necessarily the truth. In fact, when solutions are hosted on-premises, every hardware device in a company becomes a potential entry point for malware and adds to the ‘attack surface’ for hackers trying to access files. But a cloud minimizes such risks simply because data moves to an isolated environment managed by a host with dedicated resources to handle security.
Security in terms of an on-premises solution depends upon the extent to which companies tightly manage and update their systems against vulnerabilities, and sometimes even that is not enough. An incident at the US SEC in 2016 can testify to this. The US regulator said hackers compromised one of its databases containing corporate announcements for a trading advantage. If hackers could pull that off with a market regulator, company systems might probably be a relatively easier target.
In recent times, many applications have been moving to the cloud by default. In fact, at times it is cloud-based systems that offer a greater level of security and sophistication.
Unpublished financial information carries some of the highest data security risks. While companies would do well to make all the effort they can to secure in-house systems, there are vulnerabilities that are specific to these systems. A cloud-based solution, on the other hand, might prove more secure and sophisticated by comparison. An increasing number of firms are embracing cloud-based solutions, and you would do well to consider the option too – not just for benefits such as cost efficiency and centralized management, but also for the security of your data.
Do stay tuned in for our next article, in which we offer a few more pointers on ensuring better data security