We’re a camping family and during a recent road trip we stopped for a couple of nights in Dubbo. We had such a cool time riding our bikes around the Dubbo zoo! But I digress… as soon as we unhooked the van at the caravan park our neighbour came to warn us about the high level of crime in the park. In the past few days somebody had their car stolen from right beside them while they were sleeping in their tent; another had a bike stolen from the tray of their ute; and another had some bits and pieces taken from under their awning. So we had to be more careful about locking up when we went to the pool, chaining the bikes to the car overnight, bringing things inside before bed.
Unfortunately this type of thing isn’t isolated to crappy humans stealing your stuff while you’re on holiday. It happens while you’re at home. And it happens in your business. This got me thinking about how you can protect your business from theft and fraud.
Protect yourself online
Two factor authentication (2FA) is one the easiest things you can do to protect your financial and business information from online attack. Just look at the Optus and Medibank cyber attacks of 2022 – if they can fall a victim to it, we certainly can to! Every app that you use that has the ability to set up 2FA, do it! It’s a few extra seconds to log in, but isn’t your financial security worth it?
Never save your passwords and never use the same or predictable passwords. Don’t think you’re being clever by using your name and changing one of the letters for a number or a symbol. Run that password through an online checker and you might be surprised to learn that a hacker will take just 1 day to crack it! We use a password generator that creates unique 16-character passwords including letters, numbers and symbols – run that through the checker and you’ll see it’s basically uncrackable! And don’t make it easy for somebody who hacks your computer by clicking ‘yes’ to save your password. We use a password vault called Practice Protect. Actually Practice Protect is a lot more than a password vault, but you get the idea. Another good option is Lastpass. So you only need to remember one password (make it a good one), and the vault will do the rest.
Another thing to be really careful of is clicking links in emails. Some scam emails, your 14 year old could spot them from a mile away. But others are very sophisticated and can catch out even the most vigilant. So just don’t click on email links. If it looks legitimate and appears to have come from a known source – check first and log in through their website instead of the link in the email.
If you’ve received an email with new bank details – always confirm over the phone! If the receiver’s email system has been compromised you could be receiving communications from a scammer. But don’t call them from the contact details in the email or invoice as they could have been compromised too. Go to their website or get their details from a known source of truth and call to confirm. Once you’ve paid funds into a scammers account they’re next to impossible to recover!
Multiple person controls
Unfortunately theft and fraud isn’t isolated to external. We’ve heard too many times on the news of trusted employees stealing from their employer. Here are some ways you can reduce the risk.
- Trust your team members, but make it clear that you’re watching. When I was a team member, this gave me peace of mind in knowing that what I was doing was transparent and there were no misunderstandings. We had a client whose team member was stealing money from the till. The team member was even aware there was a camera right behind them – there’s no curing stupid! After this person was fired one of the safeguards put in place was another team member being responsible for reconciling the takings at the end of each day.
- Limit accessibility to your bank account. It’s convenient for your team or bookkeeper to make payments on your behalf, saving you time to do other things, and I’m surprised at the number of new clients who offer free reign to us. But this can be a slippery slope for those who are dishonest. We have access to many clients’ bank accounts – but it’s non transactional which means we can upload payment files for authorisation, check the history, and download bank statements. Whilst this does save them some time, our clients are ultimately responsible for checking the payments and releasing the funds.
- Have multiple people working on the accounts. This could mean one person is responsible for entering the bills into Xero, another makes the payments. Or one person is responsible for collating and approving timesheets and leave requests, another processes the pay run. Not only does this increase your level of security, but it also means a second set of eyes on things and genuine mistakes can be picked up early.
Read more: Employees who steal
Be aware
There’s are a lot of aspects of your business that you can delegate – bookkeeping, social media management, copy writing, IT support… but don’t delegate control. Don’t allow a single person complete control while you’re oblivious to what’s going on right in front of you. And when I say “control”, I don’t mean in a ‘control freak’ type of way. I mean, make sure you’re across every aspect of your business. That doesn’t mean that you have to do everything but be aware of what’s going on so you have some degree of understanding when things may be going off course. You could even jump in and do things yourself occasionally – this is also a good way to keep an understanding of how things are going, but also to see if there are areas that could be improved upon with potential gaps in your systems or training.
Final thoughts
There are inherently dishonest people who will take any opportunity to steal from you. Put the systems in place to minimise your risk and give your honest team members the peace of mind of transparency.
Book your complimentary discovery call with Sarah
The post Protect yourself against theft and fraud appeared first on Miss Efficiency.
Leave a Reply