You lock the doors to your business at night, you might have cameras to add extra security, but what steps are you taking to prevent your business from falling victim to identity theft? The first step to take so you can protect your business: “know thine enemy.” Identity theft is a nightmare many grow up fearing (I know I did). For business owners, though, that nightmare can be catastrophic.
“Memorize your Social Security number and never tell a soul,” warns every mother. We all heed her advice, but identity theft has a scarier, sneakier older brother that some people haven’t heard as much about – business identity theft.
This kind of crime can leave your business in shambles, and it might have a disastrous impact on your company's finances and employees.
The cybercriminals committing this kind of theft are often doing so from other countries, stealing what you’ve built, with nothing more than readily accessible web information about your company, a few easy-to-file online forms, and the click of a button.
It’s that easy.
What is business identity theft?
Business identity theft, sometimes referred to as IT fraud, is defined by the National Cyber Security Society as “a type of identity theft committed with the intent to defraud or hurt a business by creating, using or attempting to use a business’s identifying information without authority.”
On paper, the definition is pretty benign. But in action, it’s more like waking up to see your house is on fire, and you can’t put the fire out because, according to the government, the house doesn’t belong to you anymore.
It’s not good.
These criminals can be maniacally creative with how they destroy your business. They know how to exploit weak spots and steal everything but the clothes on your back.
Fortunately, you aren’t helpless in the face of cyberattacks. Below are eight important ways to help keep your company safe from business identity theft.
1. Keep your EIN and DUNS Number secure
Everyone knows the importance of keeping your SSN secure. But we often don’t take the same steps withour business's Employer Identification Number (EIN) or with our Dun & Bradstreet (DUNS) Number. Exploiting your company’s EIN often can be enough for a criminal to file fraudulent tax returns or apply for business credit cards without you knowing. Determine who needs access to your EIN and DUNS Number. When sharing this information with them, do so securely. Avoid sending your EIN and DUNS Number in emails or texts, and be certain the public can't easily find them on the web.
2. Monitor your business regularly
Business owners are understandably busy. However, your full schedule is an entry point for cybercriminals. They're counting on you being too busy to notice they've hacked into your data. Regularly monitor your business's financial records and documents just as you do with your own personal bank statements. Conduct web searches of your business to learn what information can be easily obtained. Routinely oversee your business’s credit card expenses and reports, loans and unpaid invoices to ensure nothing is out of the ordinary.
3. Screen new companies before conducting business with them
Nearly all businesses need to build relationships with other companies in order to grow. But which companies you choose to conduct business with can mean the difference between success and collapse. Screen prospective partners before allowing them access to your business’s central information. Ensure that their prior business partnerships have been legitimate.
4. Update your antivirus software
When you’re running a business, it can be tempting to put off tedious chores like completing software updates on your employees’ work devices. If you don’t have the time, make the time.
Cybersecurity software needs to be updated frequently to fix bugs and prevent breaches. You’ll be kicking yourself later if you compromise your business’ security just to save a bit of time.
5. Secure your business online and off
Cybercriminals don’t always hide behind a keyboard. Don’t forget to upgrade your office security as well.
Key fobs and employee badges are a great way to keep track of who goes in and out of your offices.
Security guards are a big help. It may be a digital world, but it’s people who are here to protect it.
6. Use strong passwords and multifactor authentication
Is your password something like 123[insert pet’s name here]? Is it a mix of your birthdate and the street you grew up on? Do you use the same password across multiple platforms? Yikes. That’s not great, but there’s still time to fix it.
When forming a password for your company profile, it’s vital that you make it strong, long, and complex. And whatever you do, don’t repeat passwords! It’s also important to use multifactor authentication wherever possible. Security questions and email or phone code verifications are helpful forms of this.
7. Train your employees on cybersecurity
Remember: When you work for a company you are being given the keys to a castle. Everyone in your office is a target for cybercriminals. Prevent weak links in your business by regularly training your employees on their role in your company’s cybersecurity. When everyone does their part to keep your business secure, not only are you preparing yourselves to quickly respond to possible cyber attacks, but you're decreasing the likelihood criminals will choose your company in the first place.
8. Invest in comprehensive identity protection services
The prospect of business identity theft may seem scary. The idea of finding the time to take it upon yourself to protect your business may seem impossible. Fortunately, you don’t have to do this on your own. There are services out there whose primary goal is your company’s security. Investing in these security services can mean the difference between life and death for your company.
Marco specializes in exactly this, securely protecting your business. We can work with you to establish your company's baseline risk score and provide you with a technical roadmap to improve security and compliance. IdentifyIT provides you an ongoing, data-driven view of your IT risk. IdentifyIT leverages a specially designed set of industry tools and Marco's technical expertise to help you:
- Identify your vulnerabilities.
- Assess and prioritize possible actions.
- Develop a roadmap to a more secure future.
- Track your progress over time.
It's all built on the National Institute of Standards and Technology Cyber Security Framework (NIST CSF). With IdentifyIT, Marco serves as your guide to continually assess and improve the security of your IT environment so you can rest easy.
Don’t become a victim of business identity theft. Partner with us, and keep your business safe.