The Business Advisory Blog

The Business Advisory Blog

Insight, news and updates from Alliott NZ Chartered Accountants, Auckland New Zealand. The views expressed here are the views of the author and should be discussed in further detail should an article be relevant to your individual circumstances.

While every effort has been made to provide valuable, useful information in this publication, this firm and any related suppliers or associated companies accept no responsibility or any form of liability from reliance upon or use of its contents. Any suggestions should be considered carefully within your own particular circumstances, as they are intended as general information only.

Vanessa Williams
Published on

Macros can be useful for streamlining day-to-day tasks...

But they can pose a security risk if they are not properly maintained.

budget financials laptop-902The Australian Cyber Security Centre (ACSC) has observed an increase in attempts to compromise businesses by embedding malware in macros.

Microsoft Office macros are created by recording a series of commands, such as mouse clicks and keystrokes, to create a shortcut for repetitive tasks.

Malicious macros can be shared by cybercriminals and, if used, may grant unauthorised access to devices.

To minimise risks, it is recommended to ask three questions before using a macro: 
 
  1. Is there a business requirement for the macro?
  2. Has the macro been developed or provided by a trusted party?
  3. Has it been validated by a trustworthy and technically skilled party?
To further safeguard your business systems and customer data, it is important to disable macros for users who do not require them — only enable macros from trusted locations, and only enable digitally signed macros created by trusted individuals on a case-by-case basis.

Related reading

Source: ATO

Topics: Automation cybersecurity digital disruption risk security small business