Scarcely a month goes by without the media revealing yet another security breach that has hobbled a company or compromised its customers’ financial security. Whether it is Société Générale’s recent billion-dollar loss or Princeton’s recent report on the overall vulnerability of database information, recent news makes all business owners more aware of the need for vigilance and sound security measures. Here are a few ideas and suggestions to consider:
- The majority of security breaches or fraudulent crimes are committed by “ordinary” workers, not high tech masterminds or hackers—opportunists who manage to access the passwords of their fellow workers. With this in mind, make sure your employees keep their individual passwords private, and insist that all employees change their individual passwords frequently. It’s easy for employees to get sloppy about password and access codes. It’s up to you to prevent this from happening. Employee training and ongoing communication regarding security and fraud awareness are vital. Don’t assume that everyone understands the need for strong security. Make sure that everyone has a screen saver password and that, once a password has been used to gain access, computer users close access down when they leave their desks. Bottom line: new hires should be educated about security procedures and their individual responsibility for keeping data protected. Use regular staff meetings to keep employees aware of the need for responsible use of private passwords.
- Regular audits –financial, inventory and others—are a highly effective deterrent. Make sure your employees know that it is part of your business policy to conduct frequent, unannounced audits and reviews. Have your accountant or professional financial advisor review your financial records and accounting data for suspicious activity. Likewise, have a third-party check your computer networks and systems to identify failed logon attempts and other questionable behavior.
- Passwords are a simple first defense against unauthorized access, but there are other deterrents you may wish to consider. Simple biometric systems like fingerprint recognition or more elaborate procedures like digitally coded security access cards add an extra level of security. Naturally these cost more than implementing a simple password program, but depending upon the nature of your business, the confidentiality required and customers’ expectations, biometrics may represent a worthwhile investment. Technology changes rapidly, and formerly expensive systems often become significantly more affordable a year or so after their initial launch Stay current on what’s available, relevant, and affordable for your business.
- Last but not least, don’t cut corners when it comes to checking references or running background checks on potential employees. Even if someone comes with a personal reference from a business colleague or friend, conduct a thorough check on their work history and any possible criminal past.