As part of my job, I look at hundreds of wire service stories each day to grab the handful of business stories that will wind up in the newspaper and on Heraldnet.
Too many of the stories I see involve a business or government agency that had been burglarized by thieves looking for people’s private information that can be used for identity theft.
Sometimes, the events involve just a few hundred people. Other times, the records of millions could be involved. The point is that identity thieves are ripping businesses off regularly and many of the owners and operators are clueless.
If you’re a business that uses credit cards or keeps other financial information about people such as Social Security numbers, it’s time to get with it. You could be putting people through the hell called identity theft, which typically can take at least a year to clear up.
“It’s a nightmare for consumers,” said Shannon Smith.
Smith, who is with the state Attorney General’s Office, participated in a program last week that was put together by the South Snohomish County Chamber of Commerce. It was aimed at helping businesses make data more secure. VISA also was a major presenter.
An assistant attorney general, Smith said identity theft is a high priority for her agency and that education is an important way to tackle it.
She noted that identity thieves have many tactics, including dumpster-diving for your trash, breaking into your business to get information, hacking into your computer, and just calling you with a fake story that convinces you to provide information voluntarily.
Smith offered some simple steps businesses can take to make information safer. They include:
Make data security and safeguarding personal information part of your business culture. Train your employees.
Retain only the information you need. Don’t need Social Security numbers? Destroy the information or delete it from computer files.
Limit the number of employees who have access to personal or financial information. Have someone audit your systems to check for improper access or to see if papers are missing.
Lock up areas that have information. Keep laptops locked up when not in use.
Use secure Internet connections and install computer firewalls and strong passwords. Again, limit access to computer information.
Smith noted that failure to keep information secure could be a violation of the state Consumer Protection Act. She added that the state is more interested in getting businesses to clean up their acts than it is in punishing them.
She stressed the importance of business paring their computer and paper records of unneeded information.
“It’s bad enough if the system is breached, but it’s really bad if the system is breached and the thieves were able to extract information that really shouldn’t be there,” she said.
Smith acknowledged that businesses aren’t the only group with a problem.
“Some of the most frequent offenders are state agencies, not just businesses,” she said.
She noted that data breaches aren’t just a hassle for consumers. Businesses or agencies also face a big expense because they must notify the people involved and they might also face a fine.
If you own or manage a business, ask yourself how long it’s been since you looked at your records and your security features to keep them safe. How about the forms you have people fill out? Do you really need all of that information?
It’s not spring, but the time is now for a little cleaning up.
Mike Benbow: 425-339-3459; email@example.com.