Identity theft a huge problem for small businesses
I’m quoted in an article on TheStreet.com about identity theft and the risks to small businesses. The bottom line? Most small businesses don’t take the threat of a data compromise seriously enough. They forget that their reputation is on the line, and they could lose customers with a data breach. And it’s much more expensive to find new customers than it is to keep existing ones.
Adds Tracy Coenen, a forensic accountant and certified fraud examiner for Sequence Inc., “I get scared for small businesses because they are not thinking about this issue. I think they are more vulnerable because they’re not taking any basic steps.” Too often, businesses hire her to deal with fraud, not to prevent it.
So while all the attention has been paid to consumer identity theft, small businesses have become more attractive to identity thieves because the rewards are greater.
My friend Gary was also quoted, as he had some really great tips on protecting data:
If you must collect sensitive personal information, organize customer data in such a way that only highly confidential information is protected. Gary Nutbeam, owner of computer consulting firm Across the Big Pond, recommends creating three levels: unclassified (information that anyone can see), classified (semi-sensitive information like an internal memo on benefits) and secret (data like customer contracts).
“It is impractical to fully protect everything,” adds Nutbeam. “You can keep costs down by putting your effort toward protecting the most sensitive data.”
Ask and Don’t Tell
To further lower your liability, limit companyaccess to customer information. It could be as simple as locking up confidential files or databases and giving one or two essential employees the key or their own unique user I.D. “If a user I.D. is shared, it’s impossible to know who really accessed the data,” says Nutbeam.
The reporter was also kind enough to mention my new book, Essentials of Corporate Fraud.
Similar Posts:
Tags: certified fraud examiner, corporate identity theft, Identity Theft, the street
Trackback from your site.
Comments (2)
Computer Consultants Secrets Blog
| #
Thanks for this link! This is an extremely important topic and one that not only small business owners and managers themselves but also small business IT consultants and other tech professionals just starting out as solution providers don’t necessarily stress enough early on enough. I think unfortunately a lot of small businesses don’t learn the importance of data security and protection until after something major happens that causes catastrophic data loss, theft or loss of valuable clients. But it doesn’t have to be this way. A lot of times it’s just as simple as being proactive about accepting automatic updates of virus protection software (and taking the time to restart your computer!) and relying on a trustworthy computer consultant to do the rest!
Reply
Chad Bordeaux
| #
I agree that most small businesses are EXTREMELY lax on fraud prevention. I work with many small businesses and many of them have virtually no controls in place at all They seem to view them as an unnecessary step. Well, until they get burned anyway.
Reply