Bbusiness ID theft (by thieves posing as you or as valid customers) can ruin your commercial credit ratings, incur huge fraudulent expenses, allow fraudulent loans obtained in your company's name and destroy your business reputation.  Armed with just a business owner's Social Security number, a thief may be able to steal your clients' and employees' identities or sell your confidential business information. 

But protecting your SSN isn't nearly enough.  A crime called "business bustout" entails a criminal renting space in your building (hear that, home-based apartment-dwelling business owners?) and applying for credit in your company's name.  The almost identical address, differing only by suite or apartment number, may pass the credit check.  The thief can then use credit in your name, or equally frightening, sell the cards to other thieves.

And, of course, thieves can just emulate your letterhead or your online logo/website and start committing various frauds while pretending to be you.  Yikes!  Indeed, Robert Siciliano, a business identity theft expert and CEO of Boston-based IDTheftSecurity.com, reports $50 billion in losses for businesses each year, and small businesses are being targeted more often than individuals because business credit lines have higher limits.  Organize and prioritize to protect yourself:

FINANCIAL ISSUES

1)    Maintain a separate business credit history by applying for a federal tax employer identification number (EIN) and seeking all loans and capital under this number.  Many advisors urge setting up your business as an LLC or corporation to offer you greater protection.

2)    Monitor your business credit by subscribing to a credit monitoring service.  While checking your personal credit history a few times a year will suffice and can be done manually, personally monitoring your business identity theft can be exhausting--delegate! The four business credit reporting agencies are:

Business Credit USA

Dun & Bradstreeet

Equifax Business

Experian Business

3)    Place a freeze on your business credit (preventing others from securing credit in your name) if you won't need new credit lines soon.  Don't be so greedy for new business that you open yourself to fraud.

4)    Don't get fooled, and don't get phished!

Don't get conned into giving out confidential information over the phone or via the web.  If someone alleging to be front your bank or vendor contacts you, unless you know the individual personally, hang up and call them back (from a secure land-line) at the number you have in your records.  Similarly, the IRS and your bank won't be contacting you via email with personal letters—always log in from your bookmarked URLs or type them yourself.

Also, be suspicious of large, odd or international orders, especially those coming over the internet. 

5)    Check references of new vendors, especially those without a prominent and well-established reputation. 

PHYSICAL SECURITY ISSUES

6)    Secure the premises.

Having an alarm system (whether you have a home- or office-based business) with a prominently displayed warning from the security company deters criminals.  Install deadbolts for external doors, and talk to your security company about improving the security on first-floor exposed windows.  Options include shatter-proof glass, special films, bars and other nifty gadgets.

7)    Secure maintained records.

Store all of your tangible business records (customer/client records, employee data, banking records) in locked filing cabinets, and lock the cabinets whenever you are away.  Electronic database backups are best maintained in your company's safe deposit box at the bank; barring that, use a locked, fireproof safe.

8)    Secure discarded records, too.

There are too many vital pieces of client, employee and company information in the papers you discard.  Shred anything remotely sensitive.  If your company is small enough (i.e., just you and maybe an in-house assistant), a shredder from the office supply store will suffice.  Once your business grows, you'll want to investigate the services of a respected mobile or off-site shredding company like Shred-Pro or ShredIt, which offers certified document destruction.

9)    Guard your mailbox.

If the bad guys can steal your mail, they can obtain important financial info.  Invest in either a post office box for your company or locked mailbox. 

DIGITAL SECURITY ISSUES

10)     Be vigilant about computer and data access

Who wanders through your office? Customers, vendors, consultants? Friends and family, maintenance staff and colleagues?  Even in a home office, where only the UPS guy, babysitter and pizza delivery gal see your desk, it's crucial to protect sensitive data from disclosure—whether that's your SSN or EIN and bank data, clients' proprietary information or personnel files. The more clutter in your desktop environment, the harder it is to know when something is missing or if prying eyes have settled on them.

Secure laptops with security cables and desktop computers with passwords (and firewalls).  Don't post sensitive information on your walls and the periphery of your computer screen! (Take a look around—can you see your IDs & passwords, account numbers or intellectual property? Then so can everyone else!)

Maintain firewalls, encrypt your information, and protect your web site and e-mail accounts from hackers.  Regularly check for "holes" in your wi-fi network, your shopping cart or other security pitfalls.  Make friends with a security guru in your networking group!

11)    Watch your staffers.

An estimated 70% of identity crimes in the U.S. start with the theft of personal data by an employee, according to a study by Michigan State University. Instead of stealing merchandise, many employees steal data and get money.  As they say, "trust, but verify".

Do all your staffers need to be able to access programs or databases that may contain sensitive information? Password protect these and prioritize what documents are accessed on a need-to-know basis.  And if an employee leaves, even under pleasant circumstances, change any passwords to which she or he had access.

12)    Communicate with your clients frequently (via newsletters, blogs, podcasts and other measures) and request that they report any attempted spoofing or phishing. 

13)    Google your company name often, or better yet, set up Google Alert for your company's names and brand names.  This will alert you to any potentially fraudulent use of your identity.  Also watch for unauthorized sites mirroring your own site. 

14)    Keep a watchful eye for pirated content. 

While it's not as economically serious as stealing your credit or your good name, some of the bad guys are using your expertise to build their own (purloined) good will.  To make sure the content of your articles and blogs are not being plagiarized, monitor your work at CopySentry's free Copyscape search or through their ongoing services.

For further resources on business identity theft, check out:

• The Federal Trade Commission's Guide for Business:  Protecting Personal Information
• Better Business Bureau Online
• Identity Theft Resource Center

--

Julie Bestry, Certified Professional Organizer®
Best Results Organizing
"Don't apologize.  Organize!"
< organize@juliebestry.com
Visit http://www.juliebestry.com to save time and money, reduce stress and increase your productivity

Private Reply to Julie Bestry (new win)