It is a fact that identity theft costs businesses around the world and South Africa in particular huge sums of money. Once a criminal gets sensitive information, they will often rack up massive charges in a short period of time. This can put customers’ financial records in jeopardy, damage a business owner’s credit history, and cause a plethora of other problems. Below are some of the ways you can protect your business and keep personal information out of the hands of the wrong parties.
Minimise stored information – The more data your business has stored, the easier it is for criminals to engage in identity theft. That’s why you should only store information that’s absolutely necessary to conduct business. While information like names and addresses might be necessary, data such as dates and places of birth probably aren’t. If you can maintain operations without storing certain types of information, it may be a smart and safe move. That way, even if other data is intercepted by a criminal, it will be considerably more difficult to use.
Have a data destruction policy – A relatively simple way to increase protection is to eliminate information that’s no longer relevant or you don’t plan on using any further. This can include deleting data from file once it hasn’t been used for a certain period of time. After replacing computer equipment like hard drives or anything that stores data, it’s necessary to destroy the equipment so the data on it can’t be recovered. This can be done via shredding or crushing equipment. In the event that you ever send old equipment out for resale or reuse, it’s important to implement data sanitation to wipe the equipment clean.
Protect paper documents – It’s critical to keep any time-sensitive printed information under lock and key to prevent unauthorized access. Some steps that can be taken include allowing only the most trusted employees to have access to these documents and storing them in a secure location, such as a safe. Once documents are no longer relevant, they should be destroyed with a paper shredder and discarded. You should also never leave important documents out in the open.
Have password protection for everything – Whenever a software platform or website is used to store sensitive information, it should require a password to log in. Because short, simplistic passwords can be easy to hack, it’s smart to mandate that they are at least eight characters long with a combination of letters, numbers, and symbols. Ideally, a platform will automatically log an employee out after a certain period of time has passed with inactivity. This is helpful in case someone forgets to log out on their own.
Implement data encryption company wide – Although technology is often the catalyst for identity theft, it can also help prevent it. By implementing a data encryption system, you can keep sensitive information secure any time it leaves your company. This practice utilizes an algorithm to convert normal text into indecipherable ciphertext so it can’t be understood by unwanted parties.