This month, Harbor is releasing several blog posts related specifically to cyber security. Security is everyone’s responsibility! At Harbor, security is a huge part of our business, we take loads of precautions on the back end that you will never see, but there are always precautions that you, the user, should take to ensure that your organization’s safety is tip top! Personal responsibility is a big part of our security philosophy.
Credit Cards in Business
Credit cards are a great way for companies to pay for goods and services, ensuring that every transaction is recorded and verified. Unfortunately, there are security issues that come with holding a credit card. It is a company’s duty to hold their credit card holders accountable, likewise, it is a card holder’s duty to be responsible. Knowing the risks and how to avoid them will greatly decrease your chances of having a security breach!
Here are some tips for keeping your business credit card safe.
Individual Cards
It is recommended that each user of company credit cards have their own card with their individual name on the card. This will pinpoint any issues by user. And if one card is stolen or compromised, the remaining cards will remain in use. Credit card companies are now in the habit of cancelling cards that they believe are being used for fraudulent purposes. Having more than one card makes sure that you aren’t caught without credit when you need it.
Credit limits
Based on Management-Level decisions, individual card holders should have credit limits based on their role, seniority, or job performance. For example, your credit limits would most likely be different for someone purchasing office supplies, vs. someone who is in charge of purchasing heavy machinery or equipment. Keep individual limits as low as practical.
Consider keeping the number of credit cards kept to a minimum
Evaluate individuals who currently hold credit card privileges and determine if you can eliminate any repetitive processes. For example, instead of each department in charge of buying their own office supplies, implement a system of Purchase Requests and assign only one or two individuals to be in charge of purchasing all office supplies.
Consider writing an Internal Company Policy
Many companies require credit card holders to read and sign a policy agreement. This agreement will give explicit instructions on what, when, and who can make purchases. Harbor Computer Services will be happy to assist you in writing this document.
Purchases over a specific dollar amount should be pre-approved
Including in your policy that requires pre-approval for purchases over a specific dollar amount s required. Dollar amounts can vary depending on individual roles or seniority.
Work with your credit card company
Work with your current credit card company and shop around other companies. Find out what their specific policies are and what securities they already have in place. You may find that switching companies might make sense or you may find there are options available that you aren’t currently taking advantage of. For example with some cards individual purchase alerts can be sent every time a card is used as an early warning system against fraud.
Thoroughly go over statements
If your accounting department isn’t doing this already, implement a process of going over every charge on your monthly statements. Find a “checks and balances” process in which receipts or other documents are turned in by card holders to be compared to the statements.
Personal Accountability
Implement company policies in which card holders are fairly but firmly held accountable for their individual cards.
No personal purchases
Company credit cards are for company-related purchases only. Not only does it cause headaches for accounting if you mix the two, it can also be a nightmare if you get audited.
Use a blocking sleeve
Store your credit cards in a RFID Blocking sleeve. These sleeves will lower your chances of your card being “electronically pick-pocketed”.
Report issues immediately
If you card is lost, stolen, or compromised in any way, first report it to the credit card company immediately, then to management and/or accounting.
Check the swiper
Before swiping or inserting your card, check to see if there are any loose-fitting or wobbly parts or if something looks out of place. Scammers have come up with some very sophisticated devices that fit over the top of a card swiper, or even fit inside the card slot. Though these can’t always be detected, if you do see something amiss, don’t use it and report it right away.
Online Shopping Sources
When shopping online, always shop from a reputable company representing an approved vendor for your company. If you are outsourcing a new product, do some research, and make sure they are legitimate, and that they do not have any marks against them at the Better Business Bureau.
Online Shopping Sites
Always look to see that the website is secure before entering any personal information. All of the major browsers show whether a site is secure right in the address bar. Google Chrome will say “Not Secure” right before the address. Microsoft Edge will either show a lock (Secure) or will not show a lock (Not Secure.) But the web address will always start with “https” when it is secure. The diagram below shows exactly what you will see when browsing a secure site, and a non secure site in both Microsoft Edge and Google Chrome.
PCI Compliance
PCI is The Payment Card Industry Data Security Standard (PCI DSS) was established in 2006, and is a set of security standards designed to ensure that credit and debit card transactions are held in a secure environment. If you accept credit card payments, you must be PCI Compliant. Harbor can help you isolate your credit card processing as required by the law. But as a consumer, always be sure to check if your vendors are PCI Compliance status before selecting them.
Security is everyone’s responsibility! YOU are your first line of defense, and knowing what to look for is key!
Credit awareness makes a great lunch and learn session. Contact sarah@harborcomputerserices.net to schedule one for your staff
-Sarah Brown, Technical Trainer
About Harbor Computer Services
Harbor Computer Services is an IT firm servicing Southeastern Michigan. We work exclusively under contract with our clients to provide technology direction and either become the IT department or provide assistance to the internal IT they already have. We have won many awards for our work over the years, including the worldwide Microsoft Partner of the Year in 2010. We’re the smallest firm to have ever won this most prestigious award. Most recently we were recognized as one of the top 20 visionaries in small business IT by ChannelPro Magazine (2015). And in 2016 as the top Michigan IT firm for Manufacturing. There are a few simple things that make Harbor Computer Services the best choice for your business. •We are Professionals •We are Responsible •We are Concerned About The Success of Your Business
