Freedom, GEABSOLUTE POWERS CORRUPT ABSOLUTELY, General Election (GE15), Malaysia, Politics, polling Nov 19: Destroy Umno for the betterment of Malaysia, race, religion, Solidality, support Aliran for Justice

Share This

Showing posts with label Data Security. Show all posts
Showing posts with label Data Security. Show all posts

Thursday, 1 August 2024

SAFEGUARDING DATA IN M’SIA’S NEW ERA OF E-INVOICING

Vast potential: Digitalisation boosts growth and efficiency, but adopting strong cybersecurity measures and secure software can protect data, systems and customers. Image: Blake Wisz / Unsplashed

AS THE roll out for Malaysia’s e-invoicing mandate draws near, small businesses around the country are embarking on their digital transformation journeys.

In doing so, they unlock numerous benefits such as increased efficiency and productivity and improved customer engagement, while becoming more competitive and resilient.

This digital shift however, can also introduce significant data and security risks.

Understanding these risks is crucial to protect businesses, their data and their customers.

Data breaches and other online crimes, including hacking and financial fraud, can have disastrous effects on businesses, such as the exposure of sensitive customer information, intellectual property theft and the disruption of business operations.

These breaches in security can result in significant losses for companies, sometimes amounting to millions of ringgit.

Additionally, small businesses, often the targets of cyber-attacks because they are seen as more vulnerable, may lose valuable consumer trust and potential opportunities.

Ahead of the phased mandate launch in August, business owners can ensure they are fully prepared by understanding the key advantages and risks of e-invoicing, and take proactive measures to safeguard their business.

Security first: Cyber threats are increasingly complex and widespread. Small businesses can protect sensitive data by choosing reputable software with strong security.Security first: Cyber threats are increasingly complex and widespread. Small businesses can protect sensitive data by choosing reputable software with strong security.

Security benefits and e-invoicing considerations

Despite the risks, the shift towards e-invoicing is certain to offer businesses numerous immediate and tangible benefits.

Enhanced efficiency, reduced errors and improved transparency in financial transactions make e-invoicing more secure than manual handling and traditional invoicing practices.

With oversight from the Malaysia Digital Economy Corporation (MDEC), e-invoicing is tracked through the Peppol framework and verified in real-time, providing an additional layer of security and accountability.

Verification through Peppol ensures that invoices are authentic, preventing fraud and alterations.

This standardised network facilitates the secure and efficient exchange of electronic documents, protecting them from cyberattacks and potential data breaches.

Choose a reputable software provider

As Malaysian businesses look to adopt solutions that will enable them to comply with the upcoming mandate, prioritising reputable software providers to ensure data, privacy and security protection cannot be overstated.

In today’s digital landscape, cyber threats are pervasive and increasingly sophisticated, targeting vulnerabilities in businesses of all sizes.

By choosing established software providers known for robust security measures, small businesses can protect sensitive customer information and internal data from breaches and theft.

Reliable software providers offer regular updates, advanced encryption and compliance with regulatory standards, ensuring that businesses remain resilient against evolving cyber threats.

Additionally, this proactive approach fosters customer trust, as clients are more likely to engage with businesses that prioritise their privacy and data security.

Xero, for example, adheres to stringent security standards and compliance requirements to effectively safeguard user data.

By incorporating multi-factor authentication (MFA), user accounts and financial data remain secure and protected while Xero’s encryption protocols prevent unauthorised data access, safeguarding it from cyber threats.

With a global presence, including in countries such as the United Kingdom, United States, Singapore, Australia and New Zealand, Xero maintains a high level of cybersecurity features and compliance measures to meet regional and international standards.

The accounting platform currently supports many local businesses in streamlining processes and improving data security.

Additional precautions

In addition to leveraging the security features of cloud accounting software like Xero, Malaysian businesses can take extra precautions to safeguard their accounting data. This includes:

> Paying attention to security notices: staying informed about security alerts and notices from software providers to promptly address emerging threats.

> Reporting unusual activity: encouraging employees to report any suspicious or unusual activity related to accounting data to prevent potential security breaches.

> Deploying antivirus and anti-malware solutions: installing reputable antivirus and anti-malware software on their devices to protect against potentially malicious software.

There is no question that digitalisation presents enormous opportunities for growth and efficiency for small businesses, but with that, come some critical security risks.

By adopting cybersecurity measures and choosing software with robust protection features, small businesses can safeguard their data, systems and customers.

Proactive security management not only protects against financial losses and reputational damage but also builds trust with customers, fostering long-term business success.

Source link 

E-invoicing system set to go


PETALING JAYA: With two days to go, most of the 5,000 companies under Phase 1 of the e-invoicing rollout are raring to go and looking at a smooth takeoff, say stakeholders.

Associated Chinese Chambers of Commerce and Industry of Malaysia treasurer-general Datuk Koong Lin Loong said these companies, with an annual turnover of RM100mil and above, should not face any major hiccups when transitioning to e-invoicing on Thursday.

“They will be able to cope with the transition as these companies have the resources to do so,” he said when contacted yesterday about worries some businesses have expressed about beginning the e-invoicing process.

Asked if accounting firms acting for these companies are facing pressure in switching to e-invoicing, Koong, who is a practising auditor and licensed tax agent, said that it is unlikely.

ALSO READ: How e-invoicing affects you

“There is some misunderstanding that e-invoicing is like the Goods and Services Tax (GST), which required some companies to change their entire accounting system.

This is not the case with e-invoicing because companies are already generating invoices through email and their existing computing systems. The only difference is that their invoices will now be digitised and linked to the Inland Revenue Board (LHDN),” he added.

Koong also said that it is quite normal for businesses to express worries whenever a new system is introduced, like mobile phone and QR code payments, for instance.

ALSO READ:‘There’s time for smaller companies to learn the new system’

“There would have been a lot of complaints prior to the Covid-19 pandemic (in 2020) if businesses had been asked if ewallets could be used to make payments. They were practically non-existent.

“But nowadays such payments are widely accepted even among smaller businesses and hawkers,” he said.

Experts say the pandemic greatly sped up digital payments globally, as, for a few years, people were living mostly online.

ALSO READ:LHDN announces six-month grace period for einvoicing implementation

When it comes to e-invoicing, the driving force is efficiency in collecting taxes and stopping leakages to increase the government’s tax revenue. To further ensure a smooth transition, Koong said the LHDN has announced some flexibility and relaxation of e-invoicing regulations.

For instance, there will be no prosecution action under Section 120 of the Income Tax Act 1967 for non-compliance with e-invoicing rules, provided the business complies with consolidated e-invoicing requirements.

This means the supplier can gather all statements or bills issued and then issue a consolidated einvoice as proof of the supplier’s income, according to einvoicemalaysia.my.

ALSO READ:Are you ready for e-invoicing starting Aug 1?

Koong added that the LHDN is planning to roll out an e-invoicing mobile app and e-POS (electronic point-of-sale) system by the end of this year, free of charge for businesses to download.

Phase 2 of the e-invoicing system will be implemented on Jan 1, 2025, for companies with a turnover of below RM100mil and up to RM25mil, while full implementation under Phase 3 will begin on July 1, 2025, for businesses with an annual turnover of above RM150,000.

Malay Chamber of Commerce Malaysia secretary-general Ahmad Yazid Othman said most Phase 1 companies are ready, although some may still be facing some difficulties, especially smaller businesses that serve the larger companies under the Aug 1 rollout.

He added that companies are expecting to run into teething problems just as they did when the GST was first implemented in April 2015.

ALSO READ:The e-invoicing dilemma

“The LHDN has given its assurance of some flexibility and relaxation of regulations during the initial implementation period, and this is most welcome.

“We hope that companies will not delay implementing e-invoicing with these assurances, which will at the same time motivate other companies to speed up the transition process when their turn comes,” he said.

Ahmad Yazid, who is also a senior fellow with the Malay Economic Action Council, said the experience gained from Phase 1 of the e-invoicing process will be helpful for both the LHDN and businesses to better prepare for the coming phases next year.

Source link 

Related stories:

How e-invoicing affects you

‘There’s time for smaller companies to learn the new system’

LHDN announces six-month grace period for einvoicing implementation

Are you ready for e-invoicing starting Aug 1?

Microenterprises unprepared for e-invoicing, says Wee

The e-invoicing dilemma

Navigating e-Invoicing for SMEs

Over 5,000 applications for MyInvois access ahead of Aug 1 rollout, says LHDN

New accounting software not needed for e-invoicing

Related posts:

Planned e-invoicing will be troublesome


The e-invoice conundrum dilemma

Sunday, 7 January 2024

Balancing between data’s potential and its security

IN an era where data is king, the launch of Malaysia’s Central Database Hub (Padu) marks a significant milestone.

For the first time, the government will be collecting personal data on an unprecedented scale – everything from IC numbers and addresses to bank details and property ownership – into a single repository.

While revolutionary in its potential to streamline government services and target subsidies effectively, this initiative raises profound concerns about the security and privacy of our data.

Currently, we have the Personal Data Protection Act on the books. However, under Section 3(1) of the Act, this law does not apply to the government. 

Personal Data Protection Act 2010

Does this mean the extensive data collected through Padu is not afforded the same protections as it would if it was collected by private entities?

Previous data misuse and breaches in government systems only exacerbate our fear.

Cybersecurity firm Surfshark has listed Malaysia as the eighth most breached country globally in Q3 2023, with 494,699 leaked accounts. This represents a 144% increase in breach rate compared to Q2 2023.

According to its midyear threat landscape report, leaks from the government sector constituted 22% of total security breaches from January to June 2023.

The fundamental questions cannot be avoided: Can we trust the government with so much of our personal information? What assurances are there that it will be protected against misuse and theft?

The answers, according to most analysts and experts, lie in reforming the Personal Data Protection Act (PDPA) to encompass government data handling.

Amending the PDPA to include the government and all its agencies would be a significant step toward securing public confidence.

It would ensure the same rigorous data protection standards applied to private entities are also binding upon the government.

Such an amendment would not just be a legal formality; it would be the government’s commitment to the people, a reassurance that our personal information is valued and protected with the highest standards of security and privacy.

It would demonstrate a recognition of the principle that with great power comes great responsibility, especially when that power involves access to the extensive details of one’s financial and personal life.

While Padu presents an opportunity for public administration in Malaysia to take a huge leap forward, it also poses a significant risk to personal privacy if not appropriately managed.

The need to amend the PDPA to apply to data collected by the government is not just a regulatory necessity but a critical step in building trust between the citizens and the state.

Only with such legislative safeguards can the government assure its people that their data, their most personal and sensitive information, is in safe hands.

.  Source link

Related posts:

PADU to help govt identify eligible targeted subsidy