Sophisticated criminals with computer abilities are finding businesses that have not protected themselves and are stealing their customers’ personal information. There are three ways to handle the risk. All three must be implemented to keep your customers safe and prevent you from a possible class-action lawsuit.
Review the security measures of your online commerce system.
Meet with your technology team to identify options for protecting your network and online retail kiosk. There are verification programs, encryption, reoccurring password changes, testing, etc. that can be used to verify that the network and your customers’ private information are safe. If your online vendor lacks effective protection, find another vendor.
Purchase a cyber liability insurance policy.
This is one of those risks where having the financial backing of an insurance policy will give you the ability to take care of your customers without breaking your bank. The average cost of identity restoration is about $250 to $500 per person/company, depending on the level of theft. If you have a 1,000 customers, your cost to restore would be between $250,000 and $500,000.
Prepare a cyber security / theft event contingency plan.
The best way to mitigate the size of the loss is to get ahead of the media and customer complaints. A local company failed to have a plan. There was a three week delay before their customers knew of a breach and another four weeks before a plan was established to restore its 85,000 customers. When a breach is discovered, immediately assemble your team and work the plan. A delay or a confused message will raise suspicion, create angry customers, and lead to higher losses and restoration costs.
Copy machines are a treasure chest for thieves.
If it weren’t for a bank branch manager that intimately knew my client, the bank would have lost over $30,000 due to identity theft. My client leased a multi-use workstation copier from a large office equipment supply company in Pennsylvania. These copiers have a hard drive on them that captures every scan and copy in the event it needs to reprint at a future time. When the copier was sold at auction, identity thieves bought the copiers and stripped the hard drive of all scanned images. All of the principals signatures and letterhead were photo shopped. The identity thieves prepared a transfer request on our client’s letterhead with multiple officer signatures for money to be sent to a bank outside the United States.
The solution to this problem is buying the leased workstation’s hard drive from your vendor before you send it back. They’ll replace it with a new one. The average cost is about $300 and it will save you from an identity theft claim.