On the OPEN Forum: How You Can Protect Your Business from Hackers

hackers photo by:http://www.flickr.com/photos/31246066@N04/

Fraud Solutions Principal Dan Draz Explains How Businesses Can Battle Hackers

The American Express OPEN Forum shared how businesses large and small can defend against fraud, with guidance from Fraud Solutions principal Dan Draz. On the OPEN Forum Dan provided businesses with resources for assessing threats, evaluating policies, managing risk, and staying vigilant against the ever-present threat of fraud:

“All businesses are subject to both internal and external fraud,” agrees Daniel Draz, a certified fraud examiner and principal at Fraud Solutions in the Chicago area. “Fraud losses average approximately 5 percent of annual revenues globally.”

Next, you need to take a very close look at your business and assess your security processes. “The end of the year or beginning of the new year is always a good time to conduct anti-fraud assessments,” Draz says.

There isn’t a one-size-fits-all fraud assessment model, he explains, but there are some common areas to investigate: “Areas for inclusion in an anti-fraud assessment are dictated by potential risk and exposure,” Draz says. “Risk is not always financial and in these times the threat of data or information loss is always significant and should be included in the assessment.”

The security breach at Target proves that businesses of any size can be compromised by hackers. Management at Target estimates as many as 70 million customers may have been affected by the breach that involved the theft of customers’ names, credit and debit card numbers, expiration dates and security codes.
Policy Evaluation

Draz says companies should evaluate current policies about handling and storing consumer data and information to ensure the most secure practices are in place. The policy should include length of time the information is stored and how it will eventually be destroyed.

Protecting sensitive information requires evaluating all areas of technology within the business. Draz says those layers include the security of Internet applications as well as log-in, authentication and password policies. And don’t forget all the different technological tools you and your employees are using at work.

“What are the information security policies concerning cellular telephones, especially smartphones, as well as tablets, laptops and landlines? Are remote access policies in place?” Draz asks.

Draz also advises evaluating employee guidelines for using social media, in an effort to keep trade secrets secret.
Keep Your Eye On The Money

While looking over internal policies, make sure you cast your eye toward your accounting practices. The money trail needs to be a tight and secure path to prevent fraud. Draz suggests looking at the internal controls for how the accounting is done, how the cash is handled, who is supervising the payroll and how the bills are being paid. Ensure that each dollar that comes in and goes out is on the books.

And while the cash flow may be an obvious place to keep secure, Draz says you should check expense reports. Travel expenditures require careful review because they’re a place where fraud can easily occur.

Read the full story on the American Express OPEN Forum.