Many of us already understand the need to protect our own identity and confidential information when it comes to personal banking, but do we adhere to the same ‘rules’ when we’re dealing with our businesses?
Often a small business, which provides trade services for example; plumbing, carpentry, electrical work will grow quickly and may require short-term contractors or part-time staff. The same goes for retail, a restaurant, café, or bar. When you’re busy running your business, and it’s growing, it’s sometimes hard to stick to all the policies and procedures you set out with from the start and this can lead to breaches in security.
Securing confidential information has never been more important when it comes to business so here are a few tips to get you back on track.
If you require that your employees login to a computer each day, and/or a network, ensure that they are using strong passwords, that they change the password regularly, and – if they need to write down the password – it’s saved securely, not in the notes app of their iPhone or on a piece of paper in the top drawer of their desk.
If you give responsibility for financial transactions to members of your staff make sure you require dual control for processing of sensitive transactions. Our recommendation is also to limit employee access of sensitive functions to a need only basis.
If you don’t have a tidy desk policy there’s a chance that confidential paperwork or information could be lost or end up in the wrong hands. It’s extremely important to store all confidential information away from members of the public. If your employees are storing confidential information in their desk drawers make sure these can be locked.
Are you performing due diligence on all third party service providers? If not now is the time to start. For example, services with higher risk levels; technology, security etc., may warrant more frequent evaluations or thorough risk assessments.
Anyone responsible for the business’ operations should be performing periodic risk assessments of electronic and physical security risks and controls over sensitive processes and procedures. This will help to identify any breaches and ensure such matters are dealt with quickly, before they escalate.
Finally, establish policies and procedures for securing confidential information when new employees join the company, employees transfer, or leave the business. It is sometimes difficult to keep up with such activity, but is needed to protect your business, assets, and reputation.
If you ever experience any unusual activity, when it comes to your business accounts, it is important to contact your bank immediately so action can be taken.