According to the Bureau of Justice Statistics, more than 17 million individual American citizens are affected by identity theft. Since the larger data breaches have occurred over the past year, the larger corporations have taken notice and worked fast and furious to get their systems protected. Today, according to the Department of Homeland Security (DHS), approximately 31% of the attacks that are occurring, are against small businesses and organizations that employ 100 persons or less.
In an article published by the Identity Theft Resource Center (ITRC) ” DHS, in partnership with the Secret Service and others, said the attacks were pervasive, with ID-theft criminals scanning computer networks of businesses for vendors or employees who had remote access. passwords for network access.”Hackers then were able to run programs to attain usernames and usernames and passwords for network access.”
When a small business is attacked, not only is the very livelihood of the business and its owner(s) threatened, but a small business’ employees and customers are also at risk. Small businesses are far more vulnerable to identity theft than much larger companies and corporations for the mere fact that perpetrators are fully aware that small businesses generally have more cash and/or credit available than larger corporations.
Small Businesses are Most Vulnerable If:
- A criminal manages to ‘hijack’ or obtain your business information. They will likely acquire credit for themselves with your business information and under your business name. If your information is acquired by a thief, it’s probable that you won’t be aware until you begin receiving bills electronically or otherwise. At this point, it’s likely that extensive damage has already occurred affecting not only your reputation and business finances but your personal finances.
- If you own a business that collects an abundance of personal information, i.e., birthdates, social security numbers, account number information or any other personal information, there are consumer protection laws that will make you entirely responsible if you’ve failed to protect your clients/customers from identity theft. At this point, your business is likely spiraling into an abyss and could easily place you in a position of losing your business entirely while facing years of cleaning up a virtual disaster. It’s a good idea to consider doing a monthly or quarterly security check-up to ensure that your systems are updated and secure.
To Avoid Small Business ID Theft Disasters Begin by Following Digital Security Best Practices as Follows:
- Eliminate all paper billing that comes to you. Paper billing is too easy to acquire if you fail to shred it.
- It’s not always possible to eliminate all paper billing so do yourself a favor and invest in a high-quality shredder. Even better hire a shredding company who will come to your business and pick up your paper and shred it for you and recycle it.
- There are many businesses that absolutely must keep some paper files. In this case, consider a multiple level security filing systems. Simple, locked filing cabinets are vulnerable. Consider placing your locked filing cabinets behind closed and locked doors whereas only one or two trusted members of your personnel have access to gain entry.
As Soon As Your Paper Systems Are In Place Add These Best Practices:
- Provide a secured internet router
- Provide a secured wireless network system
- Provide VPN for any external access
- Be certain to implement strong firewalls
- Provide protected physical access to your company’s computers and systems
- Use automatic software (Windows or other operating systems) updates
- Limit the software that your employees are allowed to install
- Secure ALL offsite data storage that you use for your business
- Continue to create multiple and redundant data backups
- Keep an offsite copy of your backups
- Most importantly, train your company employees with regard to digital security practices
From security inception, monitor your business credit reports as often as possible or delegate this task to someone you trust. This small act will help you immediately spot any potential tampering. If you spot it, you can stop it immediately.
Carefully Select Whom Will Have Access to Your Data:
- Just because your company may be small does not mean that you shouldn’t secure your data like a large company. Larger companies generally implement multi-layer security systems; follow their lead.
- Not every employee should have access to all of your files. Limit your company’s access according to the department they work in, with a trusted administrator.
Create Very Strong Passwords:
- Almost every small business uses computer systems in order to conduct daily operations. Therefore, each individual employee must have their own employee ID and password allowing each employee their own access to the computer system.
- Never use passwords such as 12345678 or 11111111 or 32132132. The unique, long passwords must be used.
- Consider password tools that will create new and unique passwords as needed. Should you find that any of those passwords are hacked, you won’t have to change every password on your system.
- When an employee exits the company under any circumstances, the administrator must immediately turn off all access to any of the employee’s accounts.
Small business identity theft is becoming increasingly serious. You must secure your systems, keep them updated and monitored. Do not procrastinate, doing so will leave your business more vulnerable by the day. Implement the best practices, and you can put your mind at ease. Failure to do so could potentially destroy what would otherwise be a successful small business. Remain vigilant and enjoy continued success.
For more statistics on identity theft and cyber crime in 2019, read this blog from broadbandsearch.net.
At Cogent Analytics, we never stop looking for ways to improve your business and neither should you. So, check out some of our other posts for helpful business information: