Identity theft can be a very serious problem–both for customers themselves, as well as for businesses whose reputations are at stake. Having customers’ financial information put under risk is a blow from which it is very had for an independent retailer to recover, from a public relations standpoint. So naturally, the smartest thing to do is to take steps to make sure it simply doesn’t occur in the first place.
Business.gov, the official business link to the U.S. government, recently outlined some important ground rules for keeping customer information safe:
1. Secure all paper documents and equipment. Lock up all paper documents and storage devices when not in use, shred anything you don’t need, and keep track of where you store data electronically, whether it be on cell phones, laptops or other devices. You might even want to consider physically securing computers to their workstations.
2. Protect electronic information. This may mean running security software, or conducting an audit via a reputable outside firm. Sensitive files should be encrypted before being sent over the internet. Use secure connections, such as Transport Layer Security (TLS) and Secure Sockets Layer (SSL). And store only the information you need.
3. Prepare your employees. Company confidentiality is important, and must be made a priority. Employees must be made to understand this as part of their training. Check references and perform background checks. Keep information on a need-to-know basis. Perhaps most importantly, take steps to ensure that past employees can no longer access company information.
4. Keep vendor relationships secure. Stay up on all the data security protocols of any companies your business deals with, whether it be for web hosting, payroll, or anything else. Needless to say, work only with reputable companies that can handle the data security requirements of your business.
5. Make sure to have a worst-case scenario contingency plan. Despite your best efforts, data security breaches can still happen, and you have to be prepared for that possibility. Immediately disconnect any compromised computers. Be ready to contact law enforcement or customers if necessary. Also, remember that in the event of customer identity fraud, you are required to provide a free record of the customer’s transactions.
By following these guidelines, independent retailers can minimize the negative impact that the threat of identity theft and other related security breaches can have on their businesses.