The impact of identity theft can be potentially devastating for businesses. Naturally, business owners are worried about identity theft. The best ones try to understand what it is and educate themselves on how to prevent it. Let’s take a closer look at how identity theft can happen and its prevention.
Ways in Which Identity Theft Can Occur
Data BreachA data breach occurs when confidential, sensitive or otherwise protected information is accessed, copied or transmitted by someone who is not authorized to do so. Software engineer and serial entrepreneur R.L. Adams talks about numerous ways to protect your personal data.
Malware and SpywareInstead of finding existing vulnerabilities with a security system, identity thieves can sometimes use a malicious system/software of their own to collect information from your business. There are numerous ways systems your business can be infected by such software, referred to as malware and spyware. The most common is by clicking on unreliable pop-ups or opening unfamiliar email attachments. Basically, any incoming file or software without appropriate verification can be malware.
Wi-Fi HackingGiven the current wireless age we live in, considerable financial and otherwise sensitive information is transmitted via Wi-Fi. Security flaws in public routers can be exploited by identity thieves to access data transmitted between devices and the router.
Spam/PhishingPhishing emails are used to gather information from unsuspecting victims. The thief pretends to be someone the target would normally know and then influences them to volunteer sensitive information such as login credentials.
How to Prevent Identity TheftYou can do plenty to strengthen your business against identity theft. This can range from implementing strict policies to simply removing misconceptions about malware many of your employees probably have.
Customer Relations Policies
- Request photo ID from everyone who wants to pay you using a credit card of check. Don’t accept payment if the ID looks fake, the photo and customer look different, or the signature on the ID document doesn’t match.
- Request verification codes from the back of credit and debit cards and use address verification when accepting credit cards online or phone. Decline the sale if the records don’t match.
- Don’t collect customer information unnecessarily. If a certain piece of personal information is not crucial, don’t request it.
- Tell employees to request sensitive information when out of earshot of other people.
Secure Sensitive Data
- Use encryption for storing and transmitting customers’ and employees’ data. This measure may not stop an identity thief from accessing sensitive information per se, but it might prevent him from using it.
- Install firewalls for all your computers and networks.
- Update your operating systems as soon as they are available.
- Store hard copies of business records in locked cabinets and other secure places with limited access.
- Use cross-cut shredders when destroying old business records.
Define Business Policies
- Decide things like who handles customer and personnel information and how will it be stored. Also define policies for accepting payments with higher ID requirements. E.g. requiring two forms of photo ID instead of one for certain transactions.
- Consider designating only one or two employees for all credit card payments.
- Also define policies to limit the duration for which you retain credit card and account numbers.
- Setting complicated passwords
- Being wary of spam emails
- Keeping a close eye on personal accounts