December is Identity Theft Prevention and Awareness Month and no one is more familiar with this topic than John Sileo. He launched his career as a privacy consultant after thieves stole his identity and used it to embezzle nearly a half million dollars from his clients. Cyber criminals sabotaged his business and it nearly landed him in jail. The security breach destroyed his business and triggered a two-year legal morass. Determined to help small business owners prevent similar disastrous mistakes, Sileo became a leading professional speaker on identity theft and information control.
Small businesses must be aware that in our age of mobile computing and social media, identity theft is an ever-present threat — this even includes organizations which may be considered at low risk for identity theft.
As a practical matter, the rule applies to you if you provide products or services and bill customers later. To find out if the Red Flags Rule applies to your business, read Fighting Fraud with the Red Flags Rule: A How-To Guide for Business, a booklet published by the Federal Trade Commission (FTC).
The Red Flags Rule was created by the Federal Trade Commission (FTC) based on the Fair and Accurate Credit Transactions Act of 2003 (FACTA). The Red Flags Rule establishes how these businesses and organizations must develop, implement, and administer their Identity Theft Prevention Programs. It states that Identity Theft Prevention Programs must include the following four basic elements to address the threat of identity theft:
- Identify Relevant Red Flags
- Detect Red Flags; Set up procedures to detect those red flags in your day-to-day operations
- Prevent and Mitigate Identity Theft; If you spot the red flags you’ve identified, respond appropriately to prevent and mitigate the harm done.
- Update your Program; it’s important to keep your program current and educate your staff about the risks of identity theft that can change rapidly.
John Sileo empowers businesses of all kinds — from small-to-midrange businesses (SMBs) to enterprise level operations. He provides education about identity theft protection in order to drastically reduce your risk of suffering from a costly and devastating data breach. One of Sileo’s resources is the Identity Theft Prevention Toolbox.
Key elements outlined in the Identity Theft Prevention Toolbox include the following topics:
- Deploy Identity Surveillance
- Shred Sensitive Documents
- Freeze Your Credit
- Opt Out of Financial Junk Mail
- Protect Your Computer Systems
- Inspire Your Audience to Care About Data Theft
- Order Your Free Credit Report to Monitor Account Fraud
- Use a Fire Safe
Credit and debit card fraud and the theft of personal data are of global concern and everyone needs to do their part to protect it. Standards developed by the Payment Card Industry (PCI) major card brands are known as the PCI Data Security Standard (PCI DSS). They apply to any merchant or service provider who stores, processes or transmits customer account data. PCI compliance often requires a comprehensive approach to data security.
Merchants have significant responsibilities to assure the safety of their customers’ card data. Since compliance equates with security, it should always be a top priority for any business. TransFirst® is committed to helping our clients achieve and maintain PCI compliance to stay clear of hazardous data breaches that can lead to credit card fraud and identity theft.