Employee training tips – Even the most diligent employee makes mistakes. Here are a few proven techniques to train your employees and implement policies that will better protect your business from fraud.
Policies
1. Shred documents properly
One of the most basic steps you can take to protect the information your customers share with you, and your own private data is to shred all expired business documents. Use a cross-cut shredder to destroy bills, tax forms, credit cards, and bank account statements, and any other items that could be used for fraud or identity theft.
Although strip shredders, which cut documents lengthwise into narrow strips, are the most common type of shredding machine, they are also the least secure. A determined thief can reassemble documents from these strips. Cross-cut shredders slash documents from two directions, making reassembly nearly impossible.
2. Dispose securely
Indoor trash cans and alley dumpsters should never be considered secure when it comes to document disposal. This is important advice for the office and it’s just as imperative when you are on the road. All business travelers should be warned to keep track of sensitive documents when in hotels or on airplanes.
3. Use encryption
If your business uses the Internet to receive or transmit credit card information, it’s very important that data is encrypted and a secure connection is used. While it may not be within your budget to hire a security expert to review the systems you use, there are some best practices you can follow:
- Deploy the latest anti-virus software.
- Look for “HTTPS:” in the URL when transferring sensitive data to ensure the connection is secure.
- Store the most sensitive data on the fewest number of computers and segregate it from other data if possible.
- If your general liability insurance policy doesn’t cover exposure related to cyber liabilities, consider buying a cyber insurance policy.
Employee training tips
A strong set of fraud protection policies are a good first step. But they won’t do much unless you train employees to follow them and ensure they understand their role in guarding sensitive information. Here are three points to emphasize when training your employees:
1. Protect with passwords
It seems as though you need a password or code to do anything these days, but they’re a necessary safeguard and your employees should use them to protect data. Make sure passwords mix uppercase and lowercase letters with numbers and symbols, and change them regularly.
2. Establish rules for work computers
Employee training tips – Inform employees which software they can and can’t install on their work computers. Outside programs can expose holes in security networks and exploit them. It’s important that employees know this and abide by these rules.
3. Exercise caution with email
Links in emails, attachments, or other messages, even from a familiar source, can be used to bypass security systems and gain access to a network. Caution employees that if they have any doubt about an electronic communication to be safe and delete it. Let them know about your company’s spam filters and explain how to use them to stop unwanted messages.
