6 steps to protect a very small business from ID theft

Categories News

Every business can benefit from ID theft protection.  No matter if you are a large corporation or new small start up, you need to protect yourself and your employees!  Here at Priority One Payroll we were looking for some great tips to share with you so you can protect yourself and came across this great article!

For the self-employed and owners of very small businesses, whose time and energies are devoted to growing the company, data security often falls in priority.

It shouldn’t. Protecting your business and your clients’ financial data is critical to averting the kind of disaster that could tank your business dreams.

The dangers are real. According to a 2014 survey by identity theft and fraud protection firm CSID, the number of attacks against small and mid-sized businesses skyrocketed from 18 percent in 2011 to 31 percent in 2013. Yet many — especially very small businesses — are not doing anything about it. Only 29 percent of companies with fewer than 10 employees are taking any measures to protect against security risks, including identity theft of their own and their customers’ information.

“Fraudsters are stealing as much as $1 billion a year from small and mid-sized businesses in North America and Europe, and the numbers are only going to increase,” says Mike Gross, global risk strategy director with 41st Parameter, a business fraud prevention firm owned by credit reporting giant Experian. “Because the largest institutions have sophisticated fraud prevention solutions in place, the latest fraud attacks are looking to exploit the next tiers of businesses that are typically not as well defended.”

Soloists, freelancers and microbusinesses with few employees often have scarce resources available for ID theft prevention. But there are still a number of practical, affordable steps you can take to make it tougher for criminals to steal your valuable information.

1. Operate with an EIN.
While a corporation or limited liability company must have a separate employer identification number (EIN) for tax identification purposes, a freelancer or small-business owner may operate as a sole proprietorship under his or her Social Security number, even if the business has employees.

Just because you can, doesn’t mean you should. It’s generally a better idea for sole proprietors to use an EIN, which can easily be obtained through the IRS website. Keeping business and personal finances separate is a good idea for many reasons, including identity theft prevention.

“That protects the business owner,” says Paige Hanson, educational programs manager with the identity theft protection firm LifeLock. “If the business becomes a victim of identity theft, it won’t be tied to your identity. If the business identity is stolen, hopefully it won’t trickle down to you personally.”

2. Secure sensitive files — online and offline.
From bank statements to tax return filings to customer lists, your business may have a number of paper and electronic files that hold sensitive information. Gross suggests taking some basic measures to protect paper documents, such as using a secure mailbox, shredding any documents you don’t need and keeping sensitive files in a locked area or other secure location.

It’s a message not lost on barber Domenic Sciortino, owner of Mt. Rose Barberama in York, Pennsylvania. He keeps copies of important documents in a safe and shreds statements, credit card offers and other unnecessary paperwork that could give fraudsters access to his business or allow them to open credit lines in his business name. “We’re very careful about that,” he says. “We don’t have duplicates anywhere and I know exactly” where sensitive information is kept.

To combat digital fraud, make sure your computer systems have appropriate firewall, anti-virus and anti-malware technology, says Suzanne Barber, director for the Center for Identity and a professor in electrical and computer engineering at the University of Texas, Austin.

Free software is available, but it may not include all of the components you need, or it may come with adware or spyware. Off-the-shelf security packages such as those from Symantec and McAfee are usually sufficient for very small businesses, and some products now offer protection that extends to mobile phones and other devices. Be sure to update patches in a timely manner by allowing automatic updates.

Also, check with your Internet service provider to find out how it protects your data. Find out which third-party security vendors it uses, then check the vendors’ websites to learn about how frequently they update their solutions and whether certain content types are protected — for example, email attachments.

You’ll also want to find out the type of protection they offer. Are they using firewalls and anti-virus, anti-spam and anti-spyware software? Think about your online activities and make sure the ISP has the right solutions in place for you.

3. Establish good internal controls.
Businesses with employees need to pay extra attention to security. Barber says it’s important to use passwords or otherwise restrict employee access to certain documents, such as customer lists or accounting files. She also recommends establishing a clear protocol to follow in the event of a data breach, including assigning someone to manage the breach and outlining what actions are needed to be taken.

For retail businesses, Barber suggests business owners review security footage for suspicious activity, such as an employee taking a customer’s card away from the register to run a transaction. You should also regularly check any credit card terminals or ATM kiosks for skimming equipment.

Even businesses without a lot of employees need good controls. New Orleans jewelry designer Anne Renee Timmons-Harris, founder of A.R.T. Precious Collectible Jewelry, works from home with her husband and co-founder. Experience makes her extra cautious. In the early days of the business, she received an online order that just didn’t “feel right.” She tracked down the person whose card was used and called him. When she told him why she was calling, he “spilled his coffee in his lap because he hadn’t placed the order,” she says.

She realized that if it was that easy for someone’s card to get stolen, she couldn’t take any chances with her own identity. Even though only she and her husband have access to their files, they change passwords at least quarterly and use random password generators, saving passwords offline on a jump drive to keep them away from Internet hackers.

If you would like to read of this article please go to creditcards.com.  If you would like more information on how to protect yourself or your business please contact us here at Priority One Payroll!