The identities of millions of consumers are stolen each year, making identity theft one of the most prolific crimes in the United States, costing consumers as much as $16 billion in 2014 alone. But it’s not just consumers who are victims of identity theft – businesses can also fall victim to the crime, which can be every bit as detrimental as it is to consumers. While no one – business or consumer – is really safe from identity theft in this increasingly digital age, there are things you can do to safeguard yourself and your customers.
Because of this ever-increasing digitalization, businesses collect more personally identifiable information (PII) about their customers than ever before. PII, which includes credit card numbers, social security numbers, birth dates, addresses and the like, is often collected during the course of sales, credit and loan applications, and when applying for jobs. The information is stored in databases, on disks or is transmitted over networks, and it is the stealing of this information that leads to identity theft. Small and medium-sized businesses may be easier to attack because they often don’t have access to the data security resources that large companies do, but everyone is vulnerable.
Another reason for the increase in identity theft is the rise of the internet. Thieves no longer have to steal paper files or go through the neighborhood trash to find data worth stealing. All it takes is a stolen or lost laptop computer to compromise the PII of millions of people, or one expert hacker who can hack into the database of a target organization. The most troubling statistic is that, while most data breaches are the result of external attacks, some happen due to insider mistakes, when employees mistakenly violate security policies or fall victim to tricksters, or malicious insiders, employees who purposely perpetuate data breaches, often for their own gain.
So, what can you do to protect yourself and your customers? These tips from Identity Guard may help reduce your chances of becoming a victim of identity theft and/or a data breach:
- Establish a Clear Security Policy and Strategy. Setting policies and strategies, and educating employees about them is the first step in protecting yourself. A good strategy should include access rules and controls, how to use security technologies, employee training and background checks and a plan of action in the event of a data breach.
- Conduct Regular Testing and Assessments. Testing existing security measures can show you how well your current practices are working, and where they’re not. It gives you a chance to fix any vulnerabilities before hackers discover them. Testing also gives you an opportunity to review how to spot and prevent fraud with your employees.
- Convey Best Practices to Employees. Employees are your front line of defense. Teach them to spot and report any suspected crime and to think security at all times. Not only will this help to make them more aware during working hours, it will also provide them with essential skills for their personal lives. Something learned at work may end up preventing them from falling victim to a phishing scheme received at a personal email address.
- Provide Credit Monitoring. Credit reporting agencies will promptly notify individuals if there is something suspicious on their reports, so offering credit monitoring provides you and your employees with a little peace of mind, knowing that you will be contacted promptly if your identity is compromised. It’s a nice addition that employees will appreciate.
If you think you’ve been a victim of identity theft, either through your business or personally – don’t panic! Report it immediately to your local police department and the Federal Trade Commission. This website provides further instruction for reporting an identity theft and a couple of helpful downloads. Identity theft can be frightening and lead to serious consequences for you and your customers. Identity theft can hit anyone at any time, but with some diligent planning and implementation of the proper policies and procedures, combined with educating yourself and your employees about identity theft, can go a long way to reducing your chances of becoming a victim.