Business Process Security Measures

October 15, 2020

Business Process Security Measures

Be the devil’s advocate when it comes to your internal procedures. As a leader of a small/medium sized business (SMB), lead the charge to determine workflow. It may feel intrusive at first but stay curious about how information is shared within the company and understand who is using key information and how. It is easy to get busy with production and sales output while not thinking about the security of your most valuable assets – customer and financial information. 

Some tips to consider are:

  • Streamline touchpoints of confidential information to only allow individuals in key roles to access data. 
  • Implement a strategy for data sharing internally so that invoice details and bank account information are protected.  Avoid mass distribution of emails that have secure data within the conversation.
  • Manage employee office space and mandate that no customer or confidential information be left out on desk.  When employee is away from desk, information should be locked.
  • Move old paper-based files off premises to guard against internal fraud issues.
  • Maintain all customer contact information, whether on an ERP or Outlook, in an offsite/cloud-based location. 
  • Once stored in a backup location, all files on employee computers should be purged on a rolling 12-month basis so that if a phishing campaign does penetrate your email, the information available is minimized.

Lastly and most importantly, authenticate suspicious changes. If a vendor suddenly changes bank accounts or payment methods, talk to a trusted source.  Although many SMBs today heavily rely on email, in these situations someone who knows the vendor/employee should call to confirm that the change/modification is accurate. Do not use the number on the provided invoices or email. Think through exceptions so that, in these moments, you already have a plan in place. 

When you have these procedures in place, risk is mitigated by authenticating transactions.  Go through the extra effort to create procedures for authenticating changes.  Your vendors and customers will appreciate the effort as it communicates you care and want to protect them.

About The Author

Sherri Wolfe is a Senior Vice President in Treasury Management for Dallas Capital Bank. She specializes in treasury products and processes to support small and medium sized business. Sherri has 20 years of banking experience, is a Certified Treasury Professional (CTP) and stays involved with her family-owned business. Sherri lives in Dallas with her husband Jim, enjoys keeping up with their seven children and still gets a good laugh from a dad joke. If you want to learn more about treasury services and mitigating fraud risk, please reach Sherri at swolfe@dallascapitalbank.com.

Dallas Capital Bank is a locally owned and managed commercial bank founded to provide Dallas entrepreneurs, business owners and professionals with access to a higher level of banking service. At Dallas Capital Bank we are How Dallas Does Business. www.dallascapitalbank.com