A few years back I was the victim of identify theft. I am not going to go into the details of how it happened, because that just tells people how they can do it, but I will say it was surprisingly easy and the resulting chaos made my life very difficult.
Small businesses are generally pretty lax about security. Sure, we tend to be good at making sure the door is locked and the alarm is on, but there are far more insidious criminals out there that don’t want to steal your computer, they want to access your bank accounts, credit cards and sometimes even your intellectual property.
I don’t want you to start looking over your shoulder, imagining criminals in every cupboard, but with the soaring rate of cyber crime, we need to take it seriously.
So what are some simple steps that all small businesses can take –
1. Make it hard for people to get your information
Shred any and every piece of paper that goes out of your office. All you need is a shredder next to your desk or printer and make it a habit. Put the shredded paper in the recycle bin and mix it up when you put it in there.
2. Put padlocks on your rubbish bins
If you have a large industrial bin, make sure it is locked. Yes this is an inconvenience, but so is someone accessing all of your computer records. A good old fashioned lock can work wonders and as the police will tell, they keep the honest criminals out.
3.When you employ staff, spell out what is OK and what is not
As the business owner it is your right to explain very clearly what is your property, either physical or intellectual and what your expectations are regarding this property with your staff. If a member of staff leaves with a client database, that is theft and needs to be treated accordingly. You might be very diligent about protecting passwords but your staff may not. Spell out your expectations so there is no doubt.
4. Get a little smarter about the passwords that you use
I know that remembering passwords is a challenge, but we all need to move way beyond the simple four digit code. Plus we need to change them regularly. I make a point of changing my banking password weekly, but I do have a system which makes this easier than it sounds. I have a term, with lets, symbols and a number and I simply take the last letter/number off and move it to the front. This seems to work for me but I do suggest that you come up with a system of your own.
5. Get a debit card
A while back I asked my bank to issue me a debit card. I use this for online purchases. I only put in enough money for any purchase I am making at time, as opposed to just dishing out my normal credit card number left, right and centre. When traveling I also make a point of writing down the name and number of taxis on the back of the credit card receipt – as I have had a manual credit card slip changed by a taxi driver from $38 to $188. For this reason I am doubly cautious when a business uses a manual credit card machine and in fact I will generally give them cash instead of a card or decline the purchase.
6. Unsolicited faxes, emails and calls
This might sound strange, but millions of dollars are obtained fraudulently by criminals sending faxes or emails demanding money for an unpaid bill (that doesn’t exist) and even calls made to a business demanding payment of an outstanding account are paid by the unsuspecting business owner surprisingly often. If you aren’t 100% certain about what a bill is for, don’t pay it. Never fall for “legal action” is going to commence. For legal action to commence, there will need to be quite a few official letters to go backwards and forwards, giving you the opportunity to verify supposed debts.
I encourage every small business to engage a small business IT specialist to ensure that your network is as secure as it can possibly be. This can include updating (or installing) a firewall, ensuring security updates are installed as they come through from the manufacturer and making wireless networks secure.
Last but not least, we need to be having more discussions around online security and small business security in general. If you do a website search you will see that it is a very big topic with a lot of practical ideas available. Most importantly of all, we need to treat security as a priority, not an after thought.