Jump to Main Content
USA flagAn Official Website of the United States Government
Starting a Business

Blogs.Starting a Business

Register

7 Ways to Protect Your Small Business from Fraud and Cybercrime

Comment Count:
15

Comments welcome on this page. See Rules of Conduct.

7 Ways to Protect Your Small Business from Fraud and Cybercrime

By Caron_Beesley, Contributor
Published: May 8, 2013

How secure are your small business assets from fraud, identity theft and cybercrime?

According to the Association of Certified Fraud Examiners (ACFE), companies with less than 100 employees lose approximately $155,000 as a result of fraud each year. Small businesses also have a higher fraud rate than larger companies and non-business owners. One of the most frequent sources of fraud is credit card abuse – largely due to the fact that few business owners actually take the time to go through every line item on their bill or choose to mingle business and personal accounts.

Other sources of fraud stem from an overall lack of security across the business – such as inadequate network and computer security and a lack of background checks when hiring employees.

Don’t be a victim! Here are some tips you can take to better protect your business from some common forms of fraud and cybercrime.

Protect Your Credit Cards and Bank Accounts

Since this is a common area of fraud for everyone from sole proprietors to employee-based firms, this one goes at the top of the list. Start by separating your personal banking and credit cards from your business accounts – this will ensure fraudsters don’t get their hands on ALL your money. Separating your accounts will also make it easier to track your business expenses and report deductions on your tax return.

Next, make sure you use your card wisely. Don’t hand over your plastic or your card number to employees or companies with which you don’t have a familiar relationship. Switch to online bill pay or make sure you store paper bills securely. Likewise, use a secure mailbox for receiving and sending bills. If you don’t have one, deposit your mail directly at the post office (this goes for any mail that contains sensitive information – you don’t want to leave it lying around in an unsecured mailbox).

Lastly, be sure to check your online banking every day for suspicious activity.

Secure Your IT Infrastructure

Every business owner should invest in a firewall as well as anti-virus, malware and spyware detection software. Backing-up is also a must and will make it a lot easier for you to continue working in the event of a cyber attack. This blog offers more advice on what to look out for and digs deeper into your options: 4 Ways to Safeguard and Protect Your Small Business Data.

Use a Dedicated Computer for Banking

This is a great idea from Forbes magazine’s 5 Ways Small Businesses Can Protect Against Cybercrime.  Use a dedicated computer for all your online financial transactions and, ideally, make sure it’s one that isn’t used for other online activity such as social media, email and web-surfing which can open up the machine to vulnerabilities. Avoid mobile banking if you can.

Have a Password Policy

Another easy step you can take to protect your IT systems is to institute a password policy. 

  • Make sure you and your employees change them regularly (every 60 to 90 days is good rule)
  • Set rules that ensure passwords are complex (i.e. contain one upper case letter, one number and must be a minimum of eight characters)
  • Use different passwords for different online and system accounts

Educate Your Staff

Employees are perhaps your biggest point of vulnerability when it comes to fraud, but they are also your first line of defense. Hold regular training sessions on basic security threats (online and off) and prevention measures – both for new hires and seasoned staff. Enforce the training by instituting policies that guide employees on the proper use and handling of company confidential information, including financial data, personnel and customer information.

For ideas on what to include in your training, check out the resources offered by small business groups like your local Small Business Development Center or Women’s Business Center (find one near you here), you could also look out for free online webinars from security organizations and businesses.

Consider Employee Background Checks

One of the first steps to preventing fraudulent employee behavior is to make the right hiring decision. Basic pre-employment background checks are a good business practice for any employer, especially for those employees who will be handling cash, high-value merchandise, or have access to sensitive customer or financial data. This blog offers tips on which background checks you can legally pursue and some tips for doing your own detective work: Conducting Employee Background Checks – Why Do It and What the Law Allows.

Insure Your Business

Fraud and cybercrime does happen; however, you can still seek to cover your damages by purchasing an insurance policy that protects you against any losses that you may incur from crime or fraud. Likewise, find out what your bank is willing to do to help you out if your credit card or business account is compromised.

How do you protect your business against fraud and cybercrime? Leave a comment below!

About the Author:

Caron Beesley

Contributor

Caron Beesley is a small business owner, a writer, and marketing communications consultant. Caron works with the SBA.gov team to promote essential government resources that help entrepreneurs and small business owners start-up, grow and succeed. Follow Caron on Twitter: @caronbeesley

Comments:

In addition to have a password policy as a general control to company's data and information on the computer, each of the individual member of staff should also have a password. This password can be used to trace a fraud. If employees know that any fraud perpetrated by them can be uncovered by tracing the password of the person committing the fraud, they will be prevented from engaging in it.
Our company hosts events every month to educate and empower our local community to take action against cybercrime - these are some of the same tips we provide to our attendees! Protecting business data and personal information is simple, but requires a proactive approach. Thank you for helping to educate business owners on this important issue.
cybercrime is a big deal. About 6 months ago my wordpress blog was hacked and the guys who hacked it inserted some malicious viruses that would crack into people who visited my blogs computers. It was a mess! We need stricter laws when it comes to those kind of crimes, but the problem is some of these hackers are in 3rd world countries where the government don't care.
Well crafted blog on saving business from falling victim to fraudulent, which is a common site nowadays. Hence it is very important to secure IT infrastructure & also considering employees background check from time to time. Also keeping eye on each & every exchange of details can be helpful to be safe at one end.
Fraud and Cybercrime are certainly growing problems, but don't forget that one of the biggest causes of fraud and identity theft is still the incorrect disposal of written and printed documents, and hard drive and other media! Here in Australia we are constantly working with businesses to ensure that they have their used documents, data and media professionally destroyed by reputable firms. Make sure that your document destruction company is NAID certified ( www.naidonline.org )as they follow strict protocols and always provide you with a certificate of destruction. Great article thank you!
Fraud and Cybercrime are the typical point appear in the small business because the small business don't have enough ability to prevent them from the crime adding the cybercrime has many way to cheat the business to make the black profit
One wouldn't take the advice to use a separate computer for his banking seriously until fraud hits. Computers are so cheap these days especially notebooks that you could buy one and dedicate it to just your banking, unless you don't care about your money that much. And accessing your bank records through your cell phone app, that's just a NO-NO!
Fraud and cybercrime does happen; however, you can still seek to cover your damages by purchasing an insurance policy that protects you against any losses that you may incur from crime or fraud. Likewise, find out what your bank is willing to do to help you out if your credit card or business account is compromised.
Caron; great article. One thing i would like to add to this is to secure your website. I have recently done a post on the recent Wordpress hacking and think it could be useful to add this to the blog. While we are looking to protect ourselves from fraud we are still responsible for people who come to our site and become the victim of cyber-crime. You can read about it here:  This post was edited to remove a link. Please review our Community Best Practices for more information about how best to participate in our online discussions. Thank you.
Thanks for your share. This post was edited to remove a link. Please review our Community Best Practices for more information about how best to participate in our online discussions. Thank you.

Pages

Leave a Comment

You must be logged in to leave comments. If you already have an SBA.gov account, Log In to leave your comment.

New users, Register for a new account and join the conversation today!