As a business owner you put your business, and your name, out there. This can result in devious people trying to get access to your information and they’re really good at it! To protect yourself, you need to keep up your guard and constantly be aware that theft happens. Here are a few ways to safeguard your information.
1) Do not open any odd looking emails or give any information over the phone.
This is the reason I’m writing this post! Hackers are very good at scaring you into thinking someone is suing your or the IRS is looking for you. It’s like you’ve seen in the movies, if you’re getting sued they have to serve you papers. It will not come through an email so don’t open those attachments. Also, the IRS does not call or email people. If you owe them money they will send you a notice. Apparently, there’s been a lot of scams pretending to be the IRS.
Here’s a link to their website with more information about what to look for and what to do if someone contacts you: https://www.irs.gov/uac/newsroom/phone-scams-continue-to-be-a-serious-threat-remain-on-irs-dirty-dozen-list-of-tax-scams-for-the-2016-filing-season
It’s so easy to see an email or answer a phone call and immediately be sucked in and curious! But take a step back, there’s usually something odd about these communications that you’ll pick up on. Then you can’t help but think, “What if this is real?” If you need closure, google the phone number or the email address that the communication came from. Remember, if someone is legitimately trying to get in touch with you for something serious…they will keep trying!
2) Lock your network.
Wireless networks are open and vulnerable to “wardriving”. Wardriving is when bad guys are driving around in cars with antennas looking for unsecured or poorly protected networks. Once found, they can access passwords and financial data. Having no wireless network is the best defense against this, however, most businesses have wireless. Be sure your wireless connection has a specific name and password so that anyone using it must be logged in.
3) Install anti-malware and anti-virus software.
Most malware is installed by emails and security hacks. So as previously mentioned, delete unidentifiable emails and lock your network! Have anti-malware and anti-virus software on your computers as well as mobile devices. I am not the expert on anti-malware and anti-virus software so I’ll just say to read reviews and see what’s compatible with your needs.
4) Set protocols and educate employees.
The first step in educating employees is creating protocols outlining acceptable online activity. If employees shouldn’t open links or visit websites that don’t pertain to work, it should be explicitly stated and communicated. Also, communicate regularly in meetings or email about recent threats or compromises to other similar business’s information.
Requiring that passwords be strong and changing them often is vital. I know, I know….everyone hates the complicated passwords and changing them…it’s such a pain! However, there are useful programs out there (for free) that will help you remember all these. Sites such as 1Password, LastPass, or DashLane can securely store your passwords, account numbers, and other important notes.
5) Hire an outside expert.
Maybe you don’t understand how all the anti-virus software works or you just don’t want to! Fortunately, you can hire someone to think about the nitty-gritty for you. Be sure to read and understand what they will do and who will be responsible in the event of any damages. This is also a time to consider cyber insurance. Yes, they have insurance for everything and depending on how you feel about insurance it may be worth looking into. Just be sure to read the fine print and know what will be included in the event information gets hacked.
You’ve been hacked…now what?
As a business owner I’m sure you watch your bank account balance like a hawk! If/when you notice something awry in your bank account be sure to contact the bank immediately. This will help to minimize the damage. Not all hacker events are this obvious. Sometimes an employee may leave a smart phone or laptop in a public place. If that’s the case, be sure to disable that equipment. If there’s a break in at your office and equipment is stolen contact the police immediately. Be sure to change passwords for equipment not lost or stolen and keep an eye on your accounts.
I hope I haven’t scared you too much but we have to remember there are sneaky people out there trying to get your information to make a quick dollar! Don’t let them get your information…protect your business and yourself.
Jordan Ilderton, CPA