Online banking has made it easier and more convenient to manage business finances, but it also provides an opportunity for hackers to gain access to business accounts with the goal of making unauthorized money transfers. Better Business Bureau recommends small business owners implement a few simple steps to keep their financial information and transactions secure when banking online.
According to Visa Inc., 85 percent of data breaches occur at the small business level. Many business owners are ill prepared to defend customer or employee information in the face of an attack; 33 percent of small businesses lack even simple antivirus protection, according to Symantec Corporation.
“Small business owners might feel that they are flying under the radar of data thieves and hackers, but they are actually in the crosshairs,” said Kim States, BBB President. “That’s why BBB partnered with leading security experts to show small business owners that implementing a strong data security strategy doesn’t have to take a lot of time or resources.”
The BBB and partners Symantec Corporation, Visa Inc., Kroll’s Fraud Solutions and NACHA – The Electronic Payments Association created Data Security–Made Simpler, an online resource to help small businesses implement key data security policies and practices.
Data Security-Made Simpler tackles the key topics of small business data security including the following advice for small business owners to make secure online banking transactions:
1. Initiate a "dual control" payment process with your bank and employees.
Ensure that all payments are initiated from your bank accounts only after the authorization of two employees. One employee will authorize the creation of the payment file and a second employee will be responsible for authorizing the release of the file. This process should be in place regardless of the type of payment being initiated...including checks, wire transfers, fund transfers, payroll files, ACH payments, etc.
2. Have dedicated workstations.
Restrict the use of certain workstations and laptops solely for online banking and payments, if possible. For example, a workstation or laptop used for online banking should not be also used for Web browsing or social networking.
3. Use robust authentication methods and vendors.
Make sure your financial service providers allow for "multi-factor authentication." This means that you need more than just a user name and password to access your account.
4. Update virus protection and security software.
Ensure that all anti-spyware, anti-malware, and security software and mechanisms are robust and up-to-date for all computer workstations and laptops used for online banking and payments. Implement a process to periodically confirm they remain up-to-date. Security patches are often available via automatic updates.
5. Reconcile accounts daily.
Monitor and reconcile accounts daily against expected credits and withdrawals. If you see any kind of unexpected activity on your account, notify your financial institution immediately.
Data Security-Made Simpler was created by the BBB in collaboration with two nationally recognized data security experts, Dana Rosenfeld and David Zetoony.
Small business owners can get additional advice and tips on improving data security at www.bbb.org/data-security