December is Identity Theft Prevention and Awareness Month

Identity theft is a serious issue, no matter who the victim is, but the situation can be more complicated when somebody tries to impersonate someone’s business, says Jeff Connally, president and CEO of CMIT Solutions. That is why CMIT Solutions is offering tips and advice to small business owners for Identity Theft Prevention and Awareness Month.

“Since businesses need to make themselves visible to prospective customers, they are compelled to share a lot of information with the public that individuals tend to keep private, such as their phone number and address,” Connally said. “Easy access to private contact information means heightened vulnerability to identity theft.”

According to security firm Panda Security, a significant percentage of small businesses haven’t taken very basic steps to secure their data assets. A recent survey showed that “97 percent of U.S. small businesses have installed anti-virus and 95 percent claim their security systems are up to date. Yet, 29 percent said they have no anti-spam in place, 22 percent are without anti-spyware technology and 16 percent do not have firewalls. In addition, 52 percent said they have no Web filtering solution in place. And, 39 percent of respondents said that they have yet to be trained about IT threats.”

We suggest starting with these steps:

  1. Check Credit Cards – Review your business credit report regularly.
  2. Review Employee Charge Cards – Go over employee charge card billing statements thoroughly before they are paid.
  3. Educate Employees – They should be on the lookout for phishers, phone and email scammers. People who would never think to open a suspicious-looking email in their personal inbox might not hesitate to turn over your Federal Tax Identification Number and names of key executives to someone posing as a vendor or a government representative.
  4. Beware of “Inside” Theft – Once an employee leaves the company, make sure you immediately cut off access to all your IT resources. Unfortunately, a lot of identity theft is still an “inside job”.
  5. Protect Company Data – Install a business-class firewall, encrypt your network, assign access privileges sparingly, and perform regular updates to your security software.

What are YOU doing to prevent identity theft?  Do you have any other good tips for people or businesses trying to keep their identity and information safe?

Don’t Let Your Small Business Fall Prey to Phishers, Scammers, and Credit Card Fraudsters

If you hear about identity theft in the news, it’s often in the context of individuals impersonating other individuals. But while consumers are often protected by stringent identity theft protection laws, the situation can be a lot murkier when somebody tries to impersonate your business.
 
Because they need to make themselves visible to prospective customers, businesses are compelled to share with the public a lot of information that individuals tend to keep private, such as their phone number and address. All an identity thief has to do is open up a mailbox in your shared office building, fake up some letterhead, and obtain your business license number — something many businesses are required by law to display — and they’re well on their way to opening up credit card accounts in your name, filing purchase orders, and running up bills that will eventually come to you.
 
So what can you do to prevent small business identity theft? 
  1. Review your business credit report regularly.
  2. Go over employee charge card billing statements with a fine-toothed comb before they are paid, especially if you’ve issued multiple cards for a single account.
  3. Educate employees to be on the lookout for phishers and phone and email scammers. People who would never think to open a suspicious-looking email in their personal inbox might not hesitate to turn over your Federal Tax Identification Number and names of key executives to someone posing as a vendor or a government representative. 
  4. Once an employee leaves the company, make sure you immediately cut off access to all your IT resources. Unfortunately, a lot of identity theft is still an “inside job.”
  5. Lock up your data! Install a business-class firewall, encrypt your network, assign access privileges sparingly, and perform regular updates to your security software.
According to security firm Panda Security, a shocking percentage of small businesses haven’t taken very basic steps to secure their data assets. A recent survey showed that “97 percent of U.S. SMBs have installed anti-virus and 95 percent claim their security systems are up to date. Yet 29 percent said they have no anti-spam in place, 22 percent are without anti-spyware technology and 16 percent do not have firewalls. 52 percent said they have no web filtering solution in place. 39 percent of respondents said that they have yet to be trained about IT threats.” (See this article on CIOZone for more details: http://www.ciozone.com/index.php/Security/SMBs-a-Gold-Mine-for-Identity-Thieves.html)
 
Like a lot of security trends, this one will probably get worse before it gets better. But until every state enacts small business-protection laws on par with the ones recently enacted by the state of California (http://www.businessweek.com/bwdaily/dnflash/content/jul2009/db2009079_858536.htm), vigilance and a good cybersecurity plan for your small business are absolutely key.
 
CMIT Solutions offers anti-spam, antivirus, and anti-spyware protection as part of CMIT Marathon — our suite of monitoring and maintenance services that keep your IT systems up, running, and protected, 24/7. (For more information go to www.cmitsolutions.com/marathon.php) We can also set up firewalls and perform other network security measures to make your network safer.