At the CMP Protective and Investigative Group we provide security consulting for Forbes 500 companies. While they have the budget to have a consultation, small businesses and start-ups should invest in their security too.
It would be self-serving to list the many reasons why you should have a security consultant come into your business, but there are quite a few.
Instead, of going down the laundry list, here’s 10 things that you can do/facilitate to help safe-guard your business.
- Perform Background checks
Understandably, small businesses or a start ups usually forgo a background check. Their rationale is:
I’m a good judge of character.
You may well be, but a con artists is even better at playing a character. We’ve had clients absolutely shocked about what is in someone’s background check, when they’ve made such a good first impression.
Their references were great.
Who would provide a potential employer with the means to obtain a bad reference?
They have a lot of connections and endorsements on LinkedIn.
While LinkedIn is a great tool for hiring (we use it too), endorsements and connections may be made up. You can buy connections (to make yourself look like you have a vast network and obtain the coveted +500 connections on your profile) along with buying recommendations.
Background checks help weed out candidates that may have not disclosed criminal history, as well as make the employer aware of judgments, liens and driving records which may act as a red flag.
- Cyber Security
Treat cyber security as business problem, not a technical problem. Talk to your IT professional about ways to safe guard your data, not only on your computer but on your servers. Billing information that is kept on your computer is a treasure trove for identity thieves. Usually you don’t know your security has been compromised until well after. A recent example would be the heartbleed bug – a flaw in the SSL system that allowed crooks an easy way in to mine for valuable information for two years.
- Division of Labor
The only person that should hold the skeleton key is you. In small businesses the it is often “all hands on deck” way of working. While this may be great while all is good, it’s terrible if there is some sort of internal theft and develops into a full blown investigation. It’s imperative to not allow a large group of employees to freely access information when it comes to billing (either yours or the clients). An example of this could be: your staff of five, all having access to accounts receivables. Instead, delegate tasks and have a system of checks and balances.
Thomas Ruskin 
Pingback: White-Collar Crimes in Small Businesses | Thomas Ruskin