Tribal Solutions

  INSIGHTS FOR TRIBAL 

AUGUST 15, 2016  
CONNECT WITH US

844.686.3208    
  
View our profile on LinkedIn Blogs Watch Us on YouTube Find us on Facebook Twitter

Eide Bailly Mobile

WHERE TO FIND US
In person ...
We'll be at the 2016 Global Gaming Expo September 26-29. let us know if you want to meet up!

Online ...
Learn more about how we can help your tribe grow and succeed at www.eidebailly.com/tribal
 
WHAT WE DO
ABOUT US
Eide Bailly's tribal team can help you feel confident your tribe is on the right course with all of its related entities.

Our firm offers personal service and national resources in a number of industries, including gaming, health care, manufacturing, education, and other small business enterprises.

Want to Share? 
The Cyber Security Threat

Last year, 43 percent of organizations suffered a cyber attack, and according to Forbes, 71 percent of those affected were small businesses. The absence of dialogue surrounding this steadily growing threat to small and mid-sized businesses is alarming. When we hear "cyber attack," we often think Target, Sony, or any of the other numerous high-profile instances of the past year, not the regional restaurant we ate at last month, the family-owned business down the street, or the tribal-affiliated casino. But these instances are real and rising.
 
Easy Targets
A lack of preparedness for a massive security hack coupled with minimal resources and general inexperience in combatting today's advanced cyber threats combine to create a low hanging fruit "epidemic" for small businesses including tribal-related entities, which many hackers are looking to capitalize on.
 
To combat this growing threat to your entity, regardless of size, we have identified several key precautions to reduce your organizational vulnerabilities:
  • Ensure that you and your tribe are compliant with required regulations.
  • Run a cyber security audit focused on attack surfaces and points of entry. Identify the location of your sensitive data and map it to your access control list, both internally and externally, to further assess vulnerabilities.
  • Confirm that operating systems are equipped with the latest security products and updates, including programs that can detect cyber breaches within your network and evaluate threat levels.
  • Define access permissions to data across your tribe and tribal-related entities.
  • Establish password protocols, including regular refresh cycles. Encourage staff to avoid passwords comprised of proper nouns, keyboard patterns, et al. and instead opt for meaningless combinations of letters and numbers for optimum security.
  • Invest in industrial strength firewall protection, anti-malware and anti-viral programs to thoroughly establish your defense foundation.
  • Safeguard sensitive data via encryption protocols.
  • Educate employees. Your people are often your greatest weakness. Train staff on spamming and hacking awareness so they do not undermine your organizational security by absentmindedly opening a malicious email, attachment or link.
  • Determine security practices on-premise, from the data allowed to leave company walls to the sensitive materials that need additional protection measures.
Keep Your Data Locked Up
Ultimately, if you do not feel confident in your tribe or related entity's internal ability and bandwidth to conduct exhaustive security testing to reduce your risk, look externally. Your data is not a gambling chip; cyber attacks are growing in prevalence, and these steps are not simply recommendations but basic requirements in this day and age. Consider the above precautions the cyber equivalent of locking your front door. If you are not dead bolting the door to your data, you are essentially inviting a cyber thief into your network.
 
A version of this article first appeared on our website

Mike Arvidson
Platform Support Senior Manager
701.476.8797
  
  
  
  
Top 10 Tips to Avoid Fraud
 
Fraud can happen to any tribe, or any tribal-related entity. According to the Association of Certified Fraud Examiners 30 percentof employees will commit fraud if given the opportunity and 5 percentof revenues are lost to fraud annually.
 
How scary are these stats?
 
Don't let your tribe's story sound like this. Consider the following safeguards to help protect your tribe and its related entities from becoming a victim:

  1. Don't allow employees to use your signature stamp. It is your signature. And keep it in a secure location, such as a safe or locked drawer that only you have access to, when you are not using it.
  2. Implement a fraud policy in the employee handbook. (The Association of Certified Fraud Examiners has a sample fraud policy available on their website.)
  3. Install security cameras in high risk areas such as where cash, inventory and equipment are located.
  4. Require individual usernames and passwords for accounting system access. Turn on audit trail features and restrict employees to specific functions within the accounting system relating to their job functions.
  5. Look over monthly company credit card statements and corresponding supporting receipts/documentation for employee-issued credit cards as well as employee expense reimbursements.
  6. Purchase employee dishonesty coverage.
  7. Insist that full-time employees take mandatory vacations of at least five consecutive days per year.
  8. Approve employee hours before payroll is processed and review payroll reports on a regular basis.
  9. Make daily deposits of cash and checks. Also, keep cash and checks secure until they're in the bank.
  10. Review bank statements and all cancelled checks on a monthly basis.

A version of this article first appeared on our Possibilities Center blog
Jeremy Bendewald

Jeremy Bendewald
Director of Forensic Accounting
701.239.8513
  
  
  
  

This publication is produced and published by Eide Bailly and distributed with the understanding that the information contained does not constitute legal, accounting or other professional advice. It is not intended to be responsive to any individual situation or concerns as the contents of the publication are intended for general informational purposes only. Readers are urged not to act upon the information contained in this publication without first consulting competent legal, accounting or other professional advice regarding implications of a particular factual situation. Questions and information for publication can be submitted to your Eide Bailly representative. To request reprints of this publication, send a written request to RequestReprints@eidebailly.com.
© 2016 Eide Bailly LLP.