Identity theft impacts more than 17 million Americans per year, according to the Bureau of Justice Statistics, and businesses are not immune. The same havoc that identity thieves cause for individuals can harm a business’s finances and credit history. And, unlike individuals, when a business is attacked it could threaten the livelihood of many employees and customers who rely on the company. If you want to avoid identity theft for your business, follow these seven steps.
1. Switch to Digital Statements
Mail theft is a simple but common entry point for bad guys looking to steal a business’s information. Bank statements, credit card bills, human resources files, and other mail can be used to attack the business or others. To end susceptibility of mail theft, turn off the mail.
While most businesses are not able to go completely paperless, switching your bank and other financial statements to paperless takes just a few minutes and closes a major vulnerability. With modern technology, digital statements are safer than paper. Updating your processes to digital accounting and statements can save money and time, and helps protect your business from identity theft.
2. Invest in a Quality Shredder
How many movies have you seen where someone pieces back together strips of paper from a shredder? End that risk with a high quality, cross cut shredder. You can get one online or at a local wholesale club for under $100, and it will protect your business from thousands of dollars in potential losses.
Just as some bad guys steal paperwork from mailboxes, others steal papers from recycle bins and dumpsters. While dumpster diving for company data doesn’t sound fun or productive to you or me, thieves see dumpsters as a fast route to a quick buck.
You can watch this video to learn more about picking the right shredder.
3. Build a Secure Filing System
If you do find your business does need to keep paper records for any reason, keep those papers secure. Records that could be used to compromise your business, employees, or customers should be securely locked away somewhere that only those with a business need can access.
In most cases, this means using a locked filing cabinet or system of locked filing cabinets. Just a small key is enough to deter most would-be data thieves. If your documents require additional security, lock them away in a safe or vault, or put your locked file storage away in a locked or secure area requiring a second level of access.
4. Follow Digital Security Best Practices
Once your paper systems are secure, it is time to turn your attention to digital assets. A wireless internet router like you use at home does some of the work of keeping your digital assets safe, but you need to do a lot more to ensure total security.
Some best practices for small and midsized businesses include:
- Strong firewalls
- VPN for outside access
- Secure offsite data storage
- Scheduled virus and malware scans
- Automatic Windows and other software updates
- Secured wireless networks
- Limited software installation abilities for employees
- Train employees in digital security best practices
- Protect physical access to company computers
The Federal Communications Commission offers additional tips, but most of them come down to being proactive. Don’t wait for a problem to happen to secure your data. Include security as a top priority from the start so you don’t have to worry about the messy cleanup after a hacker gets into your data.
5. Monitor Business Credit Reports
According to the Colorado Secretary of State, monitoring your business credit is an important tool in keeping your business data secure. In addition to getting alerts from the government if someone tampers with your records, you should always keep up with your business credit. This helps you quickly spot suspicious activity and problems so you can stop and fix them before they get out of control.
Nav offers both your business and personal credit report and score for free. Sign up today to take the first step in monitoring your business credit. Your business’s prosperity is too important to leave to chance.
6. Well-Planned User Data Access
Everyone at your company should not have access to every file. Large businesses use multiple layers of system security to ensure only those with a need can access company data. The same should be true at small businesses.
If you use computer systems for daily operations, every employee should have their own username and password. They should never be shared between users and each account should only have access to the appropriate systems.
Following this guideline allows you to quickly turn off accounts when an employee leaves the company and gives more granular abilities to keep data locked away from prying eyes. Even if you believe every employee is eternally trustworthy, secure your data to be sure you are protected.
7. Use Strong Passwords
Last but certainly not least, use secure passwords. The top most common passwords are scarily guessable. 123456, qwerty, 111111, password, and 123123 are all among the top 10. While using a long, unique, random password might seem impossible, it is easier than most people realize.
Thanks to tools like Lastpass, Dashlane, and 1Password, you can create a unique password for every single site. If one gets hacked, you only have to change one password, not all of them. If someone can simply guess your password and get into your accounts, you might as well post your data on a billboard. While you don’t have to use those crazy rules to scramble words, you should follow smart password guidelines to stay safe.
Bonus Tip: Don’t Forget Secure Backups
While you are busy keeping your data safe, remember to create backups. In the event of a computer crash or in the worst case if a hacker gets access to your server, you don’t want to be left in ruins. Create multiple, redundant backups including an onsite and offsite copy.
Business Identity Security is Serious Business
Do not treat securing your data as something that can be put off. Procrastination means it may never get done, leaving your data vulnerable. It would be a shame to see your otherwise successful business killed by identity theft.
Follow best practices and monitor your business credit to ensure your business is safe. If you do, you have little to worry about and get back to what is most important: running your business.
This article was originally written on September 11, 2017 and updated on February 1, 2021.