Protecting Your Business and Your Customers from Identity Theft

Businesses have experienced a dramatic increase in identity theft crimes in the last few years, substantially increasing their costs and exposing their customers to more risk.

Despite massive efforts to combat the crime wave and reduce risk exposure, cyber thieves are staying one step ahead, finding new ways to infiltrate data sources to steal sensitive information. Until technology becomes available to stay ahead of them, your business will be the first and last line of defense against identity theft. Fortunately, there are steps you can take to protect your business and customers from identity thieves.

Establish More Secure Information Collection Policies

The first line of defense is how your business collects information from customers. Requesting a photo ID or verification codes with purchases may seem like a step backward, but it can be very effective in preventing identity fraud.

  • Request a photo ID from every customer using a check or credit card. Instruct your employees not to accept the payment if the ID looks fake, the photo does not resemble the customer, or the signature doesn’t match the one on the ID.
  • When taking orders by phone, fax, or the Internet, ask for the three-digit verification code from the back of the credit card and crosscheck it with the address verification system. If the information provided by the customer does not match the cardholder’s account records, decline the sale.
  • Avoid collecting information that isn’t pertinent to your product or service. For example, if it is not essential to the transaction to have your customer’s birthday, don’t ask for it.
  • Instruct employees to keep sensitive customer information to themselves. If they have to ask the customer for personal information, make sure they do so out of earshot of other customers and employees.

Increase Your Information Storage Security

Keeping up with cybersecurity technology doesn’t have to be an expensive proposition. Simply ensuring it is up to date and that procedures are strictly followed is often enough to keep thieves at bay.

  • Encryption is used when transmitting or storing customer data, especially social security, credit card, and bank account information. While thieves may still be able to access the information, they may be unable to use it.
  • Firewalls are the first line of defense for your computers and servers. Make sure you have one installed for all information portals.
  • Keep up with operating system updates, which often include fixes to potential security risks.
  • Store vital business records in locked cabinets within a sealed storage unit or closet. Limit the number of employees who have access to the records.
  • Never dispose of records without shredding them. A cross-cut shredder is the most effective in rendering them unreadable.

Establish Security Policies

  • Create policies for accepting payments that include customer identification requirements.
  • Create an account number system that does not include sensitive customer information, such as birthdates or Social Security numbers.
  • Create a system for expunging credit card and account numbers of customers who haven’t ordered from you after a certain period.

Finally, review security and business policies with your employees at monthly, quarterly, and annual meetings. The more identity theft or fraud is discussed and highlighted, the greater your employees’ awareness of the potential risk. Then, announce or post your policies so your customers are aware of your efforts. Your employees and your loyal customers are your last line of defense.