Repost from From Intuit Blog by Robert Mozkowitz
Before crimes against business properties were pirates and robbers and they use guns and daggers. But this is no longer true today. Crimes against property now are being carried through laptops and even from far away places and we do not know what hit you.
For instance, a common cell phone scam is enticing you to press a code to avail of 20% discount on your phone bill, not knowing that what you press is a fund transfer to a certain phone number. The most common crimes are hacking the bank and credit card accounts and pishing. Protection include regular audit, multi user control, secure password.
Or sometimes the theft is inside job (we suffer a lot from these) So beware. Those who lose from scam or fraud out are unable to recover the losses
Take These Basic Steps Against Fraud
But this doesn’t have to happen to your small business. Here are four steps you can take to more effectively combat fraud:
1. Manage your finances using multiperson control. Giving only one employee the authority to receive payments, make deposits, and reconcile customer accounts can be an open invitation to act unscrupulously with your money. Instead, separate the power to disburse funds — from purchases to payroll — and the power to accept payments and make bank deposits. Assign a third person to record transactions and reconcile your account balances. It’s also a good idea to require anyone who handles your business’s money to take a weeklong (or longer) vacation at least once a year.
2. Regularly check your accounts and inventory. Have your bank and credit card accounts audited on a regular basis. If you use the same professional or firm to perform these audits every time, they’ll quickly learn to complete the job in short order. Because inventory is a type of asset, it also needs protection. At a minimum, have one person or group receive shipments into inventory and a different person or group do the annual or semiannual inventory counts. If any items are particularly valuable, keep them locked up and require people to sign them out, as needed, under supervision.
3. Install web-browsing protections. As soon as any electronic device connects to the internet, it becomes a potential target for scam artists. Major threats include phishing and malware making its way onto the device.
Phishing is an attempt to obtain your account, password, or other security information by pretending to be an authorized entity — such as a bank or a government agency — making a legitimate request for it. Defeat such tactics by establishing policies (see #4) against divulging secure information unless a manager verifies the request by calling the entity in question.
Malware refers to viruses and other invasive software that seeks access to your electronic devices in order to destroy or harvest your private data. Protect your systems against various forms of malware by installing a dedicated, reputable anti-malware app that detects and eliminates these threats before they take root.
4. Put data-security policies in writing. Many small businesses don’t bother with written data-security policies, but they are worth their weight in gold. This is because written policies underscore your fraud-prevention measures, make it easier to defend against theft, and provide a solid basis for improving data security.
The simplest and most powerful data-security policies include:
- Use secure passwords. Secure passwords typically contain 10 or more characters, use capital and lowercase letters, and feature at least one special character from the top row of the keyboard (type Shift + a number to get !, @, #, etc.).
- Passwords must not be written down and kept in the same room where they are used.
- Every secure system — and every user of each of those systems — must have a unique password.
No comments:
Post a Comment