From Susan Ward,
Your Guide to Small Business: Canada.
FREE Newsletter. Sign Up Now!

The ever-growing problem of identity theft means that businesses need to make concerted efforts to protect their customers' personal information and other sensitive business data. Here are five more things you can do to prevent identity theft:

6) Protect your computer from hackers.

Hacking into company systems and databases appears to have become a favourite identity theft technique – perhaps because in so many cases, it’s so easy. Your computer network needs to be protected by firewalls, which help keep out intruders by shutting out unauthorized people and letting others go only to the areas they have privileges to use. You can purchase firewalls at any computer store (or online). Another option for small or home businesses is to purchase and install a small (four to eight port) router. These often have firewall protection capability.

If you’re running Windows operating systems, it’s also important that you keep your operating system updated, installing the various patches as they come out. Often these patches are fixes for security holes. (If you use Windows XP, you will be alerted automatically to these updates.)

7) Be aware the Internet is a dangerous place.

Ordering something off the ‘Net using a credit card is not dangerous, as long as you are placing your order through a secure site. However, there are other dangers, such as Spyware and viruses that attempt to download automatically when you or your employees visit certain sites. If you are using Internet Explorer, make sure that you go to “Internet Options” and set the security options to a higher setting on each computer; the default is set to allow just about anything to download.

And if your company has a web site, be careful as to what kind of information you post on your site and how. If you are going to place sensitive information on the ‘Net, (something you should be very cautious about), such as financial data or customer databases, it needs to be password protected and encrypted.

8) Avoid broadcasting information.

The other day I made a purchase at a computer store. The associate asked me for my phone number and popped up all my personal information on a terminal in front of him – right in plain view of five other customers! I was tempted to ask him if he wanted to read it all off out loud to make it even easier for them all to remember it.

This sort of cavalier sharing of personal information, which makes identity theft so easy, has to stop. Train your employees to be sensitive to customer information issues, making sure they keep customer information private when they’re dealing with individual customers. Turning computer screens so that they can’t be viewed by anyone except the operator is a simple thing. So are practices such as not repeating customer information out loud or not leaving files with customer information lying open on counters.

9) Create and enforce a company wide security policy.

The purpose of your security policy is to educate your employees about issues such as identity theft and data protection. It should include information on email policies (such as what email filters are in place and how to deal with suspicious email), computer network access, Internet use policies (such as how to increase browser security settings and safe practices, such as disconnecting from the ‘Net when they’re done using it), customer information protection strategies, and how to report incidents or violations. In other words, a manual of the issues involved with security and threats such as identity theft and what to do about them.

10) Disconnect ex-employees immediately.

When employees no longer work for your business, you need to be sure that their access to your computer network and company data is cut off immediately.

Will all this create more trouble and expense for your small business? Yes. But unfortunately, with identity theft becoming rampant, taking these steps to prevent identity theft for you and your customers is necessary.

For more information on what is being done to tackle the problem of identity theft nationally and internationally, see Privacy and American Business ID Theft Survey.

For more information on how to fight personal identity theft and what to do if you’re a victim of identity theft, see:

Identity Theft - Questions and Answers (Public Safety and Emergency Preparedness Canada)

Identity Theft: What It Is and What You Can Do About It (Office of the Privacy Commissioner of Canada)

Information for Consumers: Protecting Your Identity (BBB Online)