Small and medium sized businesses (SMBs) are my passion. After years in banking and helping our family-owned business, I understand both sides of the risk associated with fraud. SMB leaders know the value of work accomplished and are well practiced in what it takes to protect the business by following processes, locking doors and completing audits. Likewise, they need to understand what can be done to keep data safe from fraud internally.
Based on the Association of Certified Fraud Examiners (ACFE) Report in 2018 “private companies and small business rank highest in occupational fraud frequency at 42% compared to large corporations, government and non-profits. The biggest contributing factor is the lack of internal controls. For privately held companies which include small business, the median loss for 2018 was $164k.”
Therefore, creating a process that will increase security and peace of mind is critical. Firewalls and login credentials work but are not enough. With the explosion and usage of multi-platform devices that share data, we can fall victim by unknowingly allowing access to systems across platforms. As technology changes, so too must processes - we need to improve and change to continue to secure confidential information.
Some ways to do that are:
- Use an Enterprise Resource Platform (ERP) that has encryption protocols built into login procedures.
- Use Dual Authorization for all onsite emails with an additional security step when accessing an ERP or accounting software.
- Use RSA (Rivest-Shamir-Adleman) cryptosystem authorization for all offsite login into company confidential share drives or systems.
- Maintain Email integrity by eliminating account information, vendor information or customer information.
- Always encrypt emails.
- Train, review and test employees on a continual basis regarding email fraud technics. Everyone needs to understand the risk of email as it is the biggest entry to your company. Therefore, adopt best practices and be very purposeful.
- Obtain cyber insurance so that you are protected should a fraud event occur.
The procedures noted above are proven to protect confidential information within an SMB. While they add a level of complexity, those additional steps can make a significant difference in preventing fraud. It is important to have clear company-wide procedures in place since it only takes one innocent click to add a virus to your business and you are counting on every employee to do their part to prevent fraud.
About The Author
Sherri Wolfe is a Senior Vice President in Treasury Management for Dallas Capital Bank. She specializes in treasury products and processes to support small and medium sized business. Sherri has 20 years of banking experience, is a Certified Treasury Professional (CTP) and stays involved with her family owned business. Sherri lives in Dallas with her husband Jim, enjoys keeping up with their seven children and still gets a good laugh from a dad joke. If you want to learn more about treasury services and mitigating fraud risk, please reach Sherri at swolfe@dallascapitalbank.com.
Dallas Capital Bank is a locally owned and managed commercial bank founded to provide Dallas entrepreneurs, business owners and professionals with access to a higher level of banking service. At Dallas Capital Bank we are How Dallas Does Business. www.dallascapitalbank.com