If you hear about identity theft in the news, it's often in the context of individuals impersonating other individuals. But while consumers are often protected by stringent identity theft protection laws, the situation can be a lot murkier when somebody tries to impersonate your business.
Because they need to make themselves visible to prospective customers, businesses are compelled to share with the public a lot of information that individuals tend to keep private, such as their phone number and address. All an identity thief has to do is open up a mailbox in your shared office building, fake up some letterhead, and obtain your business license number -- something many businesses are required by law to display -- and they're well on their way to opening up credit card accounts in your name, filing purchase orders, and running up bills that will eventually come to you.
So what can you do to prevent small business identity theft?
Review your business credit report regularly.
Go over employee charge card billing statements with a fine-toothed comb before they are paid, especially if you've issued multiple cards for a single account.
Educate employees to be on the lookout for phishers and phone and email scammers. People who would never think to open a suspicious-looking email in their personal inbox might not hesitate to turn over your Federal Tax Identification Number and names of key executives to someone posing as a vendor or a government representative.
Once an employee leaves the company, make sure you immediately cut off access to all your IT resources. Unfortunately, a lot of identity theft is still an "inside job."
Lock up your data! Install a business-class firewall, encrypt your network, assign access privileges sparingly, and perform regular updates to your security software.
According to security firm Panda Security, a shocking percentage of small businesses haven't taken very basic steps to secure their data assets. A recent survey showed that "97 percent of U.S. SMBs have installed anti-virus and 95 percent claim their security systems are up to date. Yet 29 percent said they have no anti-spam in place, 22 percent are without anti-spyware technology and 16 percent do not have firewalls. 52 percent said they have no web filtering solution in place. 39 percent of respondents said that they have yet to be trained about IT threats." (See this article on CIOZone for more details: http://www.ciozone.com/index.php/Security/SMBs-a-Gold-Mine-for-Identity-Thieves.html)
CMIT Solutions offers anti-spam, antivirus, and anti-spyware protection as part of CMIT Marathon -- our suite of monitoring and maintenance services that keep your IT systems up, running, and protected, 24/7. (For more information go to www.cmitsolutions.com/marathon.php) We can also set up firewalls and perform other network security measures to make your network safer.