Congratulations on your amazing business! But with success comes a bit of risk: as soon as you get a piece of the pie, others start to want a bite. There’s no limit to the ways that thieves seek to victimize businesses of all sizes, but they fall into three main categories: physical theft, information theft, and identity theft. Let’s talk about each aspect of this terrible trifecta and how to prevent it from happening to you.
Physical theft is probably what comes to mind when you think of the word “thief” — you know, the bash-in-the-window-and-take-the-cash-box kind. To help lessen your chances of getting preyed upon:
Install a security system! First and foremost, get a security system on your premises that will alert you to a problem when you’re not there. Bonus – get one that also alerts the police. A loud alarm with a swift response can be the difference between attempted burglary and successful burglary.
Stop thieves from even trying by being loud and clear about the fact that you have a security system. Many companies will give you signs and stickers to post that are the equivalent of shouting from the mountain tops. If you don’t look like an easy target, thieves will be more likely to pass you over.
Put your lights on a timer… and a motion sensor! Not all of us are fortunate enough to run our business from home, which means we have to leave the premises sometimes (at least, we hope you leave the premises sometimes!). Thieves are more likely to strike when they can work under cover of darkness, and less likely to try if they think someone’s in your office. Consider putting one or more of your lights on a timer set to turn on and off even after business hours, and having motion-reactive lights so that if someone does break in, suddenly everyone can see them from the street. Bonus – grab a switch that you can also control from your smartphone! That’ll really throw anyone off who might be watching for your routine.
Information theft (or an information security breach) refers to theft of the kinds of things you keep protected – customer contacts, confidential contracts, internal communications, and information about your customers. How can you protect yourself and your clientele from this invasion?
Information that can be easily accessed is easier to steal, so make sure to password protect everything – customer management systems, hard drives, tax information, wifi connections, everything. And make that password hard! Change it to, preferably, something that’s not a dictionary word. Throw a few symbols and numbers in there and play with capital letters. Compose your passwords like fine symphonies. This tool will help you make a good one.
Pay the professionals to secure against hackers. If you’re not a computer science person and can’t launch a cyber counter attack, make sure you’re choosing a hosting plan that comes with the kind of security you need (like SSL for e-commerce). When shopping for equipment, like computers or smart phones, make sure you’re either getting hardware less vulnerable to malware (like a Mac! Not as many viruses are out there for Apple equipment) or you’re bulking up your software collection with something in the anti-virus category. If you would not describe yourself as knowledgeable about information security on your technology, make sure you are talking to professionals who have an expertise in those areas. Schedule phone calls when ordering hosting services and go see retailers when purchasing computer equipment so you can be sure to ask all the right questions.
Make sure your employees know your policies. All the protection in the world won’t help you if your employees don’t really know what information they can share with those who ask, and what they have to keep locked inside the most private bits of their brains. Outline your expectations, have employees sign non-disclosure agreements that are clear and concise, and regularly train and retrain employees on your policies even if they’ve been trained before and even if your policies haven’t changed (and especially if you’re starting to do something different).
Business identity theft involves an all-out identity problem wherein another party actually pretends to be your business in order to gain lines of credit, get access to your bank account, or purchase merchandise with that convenient 10-day invoicing period (gives them a head start on hiding their tracks). If you don’t want someone walking around calling themselves You, Inc.:
Monitor your bank accounts every day! If suspicious activity begins to take place, you have a better chance of recovering your assets the quicker you catch it and report it. Work it into your routine – read the paper, check your bank account. After dinner coffee? Bank account. Most banks have mobile apps to make this extra easy.
Does your business use online payments or wire transfers? Give your bank a call and ask for a two-step authentication for both activities. That means in order to initiate a wire transfer or online payment (which is easier to fake) you have to assure the bank it was you two different ways – verbal passwords, online sign-in, texted pin codes, etc. For even more safety, ask for a multi-step authentication where two people from the business have to approve such transactions. If you don’t use either of these, ask your bank to block outgoing wire transfers and e-payments altogether.
Treat your EIN like you would your SSN. After all, your EIN is basically your business’s social security number, and we all know how safe to keep those. That means that for any form that asks for your EIN (like unsolicited credit applications), stop and verify that it’s for what you think it’s for and it’s going where you think it’s going before you write that number down.
Got any additional tips to throw in the pot? Share them in the comments!
This post was written by Kevin Raposo, a blogger for SimpliSafe Security Systems. Kevin covers issues related to tech, crime, and security. When he’s not writing, he’s usually trying to figure out who Darth is on Twitter.