Earlier this week I got a call from identity theft risk management specialist Ora DeMorrow. An old friend, Ora was calling attention to a blog entry she'd written on ways to protect yourself against a few common forms of identity theft.
Ora's recommendations are spot-on for individuals, but for your company the problem of identity theft is both vastly different and potentially greater. The problem for companies is that your exposure to identity theft is greater. You can't avoid having your contact information available to the public if you want to do business with them. This means that identity thieves have access to your logo, you address, the names of your principals, and probably everything they need to pretend to be representing your company.
Also, because many companies have wide interests in many states and in some cases many countries, it's really complex trying to keep tabs on everything. To make matters worse, there really aren't any comprehensive services that will watch all aspects of your company's property and protect them against fraud and theft.
But you can protect some of your more valuable assets, including your company's buildings and trademarks, and you can monitor your accounting systems to watch for potentially fraudulent expenses. For many companies, the most serious kind of identity theft is trademark theft. Sometimes trademark theft can take the form of outright unauthorized use of your name and trademark by someone else. Sometimes it can be a trademark that's confusingly similar or a Web address that takes your name. The best source for dealing with this is MarkMonitor, a company with a monitoring service that continuously trolls the planet for unauthorized use, and other scams that may use your company's name.
But there are other things that can be done. One common unauthorized use of a company's name and trademark is in phishing scams that attempt to lure customers into giving up their private information. This is a risk for your company both because it can tarnish your good name and because it can cost you your customers. MarkMonitor will watch for this, but you can help by making it possible for people who receive such scam e-mails from you to report it. Create a place for such reporting on your company's website, and create an e-mail address such as email@example.com where potential victims can forward suspect e-mails. This has the additional benefit of letting you know if you need to fix the e-mails you send out to customers-if too many legitimate e-mails start showing up in the abuse box, you might have a problem of a different sort.
Another significant asset you need to keep an eye on is your real property. Before you dismiss property theft as something only little old ladies have to worry about, remember that the New York Daily News was able to steal the Empire State Building using phony documents (they gave it back a couple of days later). While you might not be able to control the use of inept people in your local court clerk's office, you can monitor your property. One easy way is by using ePropertyWatch, a service aimed at homeowners that works just as well for business property. ePropertyWatch is operated by First American CoreLogic, which provides a number of other anti-fraud services as well.
And, of course, you need to keep an eye on the basics, just as you would on your own credit card and bank activities. If you issue credit cards to your employees, you need to monitor the statements. You need to go through your banking activities frequently. And of course you need to see exactly where your company name is being used, which means you should Google your company-and variations of it-on a regular basis.