Take 10 Minutes for a Mid-Year Account Security Check
BY: Sam Huntington
It’s hard to believe we're more than halfway through the year. Even though your business may be focused on adjusting to post-Covid operations – however they might look for you – don’t miss an opportunity to take a quick check of your security procedures, to make sure you catch any vulnerabilities before someone else finds them.
Here are five places to start:
- Get a list of your bank account signers and authorized users, and remove any past employees or people whose job duties may no longer require account access. Don’t fall into the habit of allowing employees to share credentials, even during vacations or absences. State Bank of Cross Plains allows you to designate unlimited users for no cost, and we assign unique login credentials to every authorized user.
- Confirm dual control procedures for sensitive account functions. Always consider requiring a second employee to sign off on handling cash, writing checks, paying invoices, and originating electronic payments. We see many employers hesitate to implement dual control procedures for fear it will offend a long-time employee, but it's important to remember that they're designed to protect employees as much as the business itself.
- Remind every employee to be on the lookout for suspicious emails. We see emails with infectious links arriving right before holiday weekends when employees are either trying to blow through emails before leaving work or logging in remotely. Email subject lines that are most likely to be opened without careful examination include “Office reopening policy,” and “Please read: new vacation schedule,” as well as the old favorite, “Payroll has been delayed.”
- Update your employee contact list. Having all your employees’ cell phone numbers and personal email addresses helps you identify attempts to change payroll details and bogus emails purporting to be from your remote workers. Never change an employee’s direct deposit information without positive confirmation at a known phone number or email address.
- Consider adding Positive Pay and ACH Filter as additional security layers. You get a gold star if you have them already. If you don’t, these services help you identify and act on unauthorized transactions within the allowable time to reverse them.
Our Treasury Management team would love the opportunity to help you with a drive-by security checkup, and we would be more than willing to sit down and delve a little deeper into your protocols to share best practices. Please don't hesitate to reach out to me, either by email or at (608) 826-3516, to discuss your needs. Wishing you and your employees a safe and secure summer!