SMEs need to focus more on data security

unlocking

Most small business owners don’t spend a lot of time worrying about their data. While they might make sure to select secure passwords, they probably never give it a second thought unless money starts vanishing from accounts, or a website is taken down by hackers. If we give the idea any consideration, we expect that either our business wouldn’t make a good target, or that our bank would simply let us know if something looked off.

Debtor financing, Auckland

While banks certainly do their best to identify and fight identity theft, there are very good reasons to keep a close eye on your online data and to take steps to protect yourself, your customers, and your employees from both overt and more subtle attacks.

Thieves don’t always go after your accounts

An identity thief certainly might try to get direct access to your funds, but one that does so is most likely no longer concerned about being detected. An equal or greater danger exists when your data security is compromised by someone who doesn’t employ such obvious methods.

Tax fraud

More sophisticated criminals can use payroll information to defraud employees and your business by claiming tax returns on real or bogus income on behalf of your employees. While Australia’s Tax office’s data-matching systems and similar preventive mechanisms by other governments are designed to detect these types of activities, criminals have been known to get away with this type of theft in the past. Further, the data captured by these criminals can then be further used to victimize individual employees in their private spheres.

Data theft

Information is often more valuable than simple cash. A hacker that manages to get into your systems might simply download sensitive data and install a keylogger to capture login information from employees. By doing so they can access even more sensitive data, which could include anything from trade secrets, to the personal information of customers, suppliers, and employees. Moreover, since most people reuse the same passwords for multiple purposes, the captured data can, again, be used to further target employees in their private spheres.

Steps you can take

Identity thieves and fraudsters are constantly innovating new ways to commit crimes, which makes security largely a reactive and preventive enterprise. No system is ever fully safe, in large part because a large number of real humans need to use it, and those tend to be locked out by their own security measures. Making sure they can get back in inherently creates vulnerabilities for less technological methods, such as social engineering.

To protect your data well, you’ll want to take steps, to make your data more difficult to access, while also preemptively working to minimise the damage a hacker can do if they were to succeed.

1. Improve password protection

Don’t allow people to use personal passwords, or any traditional password protection for email accounts or to access your business’ systems. Instead, use a single or multi-factor authenticator. Two factor authentication, for example is very difficult to circumvent, and hackers wouldn’t simply be able to brute-force their way through such a system.

2. Keep proprietary information offline

Some information may be too sensitive to save in your systems in the first place. Family recipes, trade secrets, and other proprietary information that isn’t copyrighted, patented, or trademarked should be kept either in non-digital form, or on a computer that isn’t connected to the internet. Information that isn’t available to be found can’t readily be stolen.

3. Purge data periodically or archive it offline

It’s your responsibility to protect the data of your current and past customers to the best of your ability. An important way to do that, is to purge old information regularly. Hackers have, in the past, stolen logged credit card information and personal data from millions of people at once by accessing years’ worth of customer data from poorly protected e-commerce stores. By removing old data, you can limit the scope of the damage and more easily address problems after the fact if necessary.

4. Encrypt your hard drives

One simple way to get around security measures is to take a low-tech approach and simply steal a laptop or a hard drive manually. While your online data might be properly protected, your computer is probably only protected by a simple password that can be cracked relatively easily. To keep that person from reading it, your data needs to be properly encrypted.

Taking proper precautions to keep your business’ data safe is a critical part of protecting your customers, your employees, and your own business. Moreover, doing this well is critical to earning and upholding the trust of the people your business interacts with.

  • Terms of the website use

    Please read these Terms & Conditions before using this site

    This terms of use (together with the documents referred to in it) tells you the terms of use on which you may make use of our website www.fifocapital.ie (our site). Use of our site includes accessing, browsing, or submitting information through our site.

    Please read these terms of use carefully before you start to use our site, as these will apply to your use of our site.

    By using our site, you confirm that you accept these terms of use and that you agree to comply with them. If you do not agree to these terms of use, you must not use our site.

    Other applicable terms
    These terms of use refer to the following additional terms, which also apply to your use of our site.
    Our Privacy Policy which sets out the terms on which we process any personal data we collect from you, or that you provide to us. By using our site, you consent to such processing and you warrant that all data provided by you is accurate.
    Our Cookie Policy which sets out information about the cookies on our site.
    Our Anti-Spam Policy which sets out information about our anti-spam endeavours.

    Information about us
    www.fifocapital.ie is a site operated by Fifo Capital International Ltd (“We”). We are registered in New Zealand under company number 3856796 and have our registered office at 170 Parnell Road, Parnell, Auckland 1151, New Zealand. Our main trading address is 135 Parnell Road, Parnell, Auckland 1151, New Zealand.

    Changes to these terms
    We may revise these terms of use at any time by amending this page. Please check this page from time to time to take notice of any changes we made, as they are binding on you. This terms of use was last updated on 18 September 2015.

    Changes to our site
    We may update our site from time to time, and may change the content at any time. However, please note that any of the content on our site may be out of date at any given time, and we are under no obligation to update it.
    We do not guarantee that our site, or any content on it, will be free from errors or omissions.

    Accessing our site
    Our site is made available free of charge.
    We do not guarantee that our site, or any content on it, will always be available or be uninterrupted. Access to our site is permitted on a temporary basis. We may suspend, withdraw, discontinue or change all or any part of our site without notice. We will not be liable to you if for any reason our site is unavailable at any time or for any period.

    You are responsible for making all arrangements necessary for you to have access to our site.
    You are also responsible for ensuring that all persons who access our site through your internet connection are aware of these terms of use and other applicable terms and conditions, and that they comply with them.

    Intellectual property rights
    We are the owner or the licensee of all intellectual property rights in our site, and in the material published on it. Those works are protected by copyright laws and treaties around the world. All such rights are reserved.
    You may print off one copy, and may download extracts, of any page(s) from our site for your personal use and you may draw the attention of others within your organisation to content posted on our site.

    You must not modify the paper or digital copies of any materials you have printed off or downloaded in any way, and you must not use any illustrations, photographs, video or audio sequences or any graphics separately from any accompanying text.

    Our status (and that of any identified contributors) as the authors of content on our site must always be acknowledged.

    You must not use any part of the content on our site for commercial purposes without obtaining a licence to do so from us or our licensors.

    If you print off, copy or download any part of our site in breach of these terms of use, your right to use our site will cease immediately and you must, at our option, return or destroy any copies of the materials you have made.
    No reliance on information

    The content on our site is provided for general information only. It is not intended to amount to advice on which you should rely. You must obtain professional or specialist advice before taking, or refraining from, any action on the basis of the content on our site.

    Although we make reasonable efforts to update the information on our site, we make no representations, warranties or guarantees, whether express or implied, that the content on our site is accurate, complete or up-to-date.

    Limitation of our liability
    Nothing in these terms of use excludes or limits our liability for death or personal injury arising from our negligence, or our fraud or fraudulent misrepresentation, or any other liability that cannot be excluded or limited by New Zealand law.

    To the extent permitted by law, we exclude all conditions, warranties, representations or other terms which may apply to our site or any content on it, whether express or implied.

    We will not be liable to any user for any loss or damage, whether in contract, tort (including negligence), breach of statutory duty, or otherwise, even if foreseeable, arising under or in connection with:
    – use of, or inability to use, our site; or use of or reliance on any content displayed on our site;
    – loss of profits, sales, business, or revenue;
    – business interruption;
    – loss of anticipated savings;
    – loss of business opportunity, goodwill or reputation; or
    – any indirect or consequential loss or damage.

    If you are a consumer user, please note that we only provide our site for domestic and private use. You agree not to use our site for any commercial or business purposes, and we have no liability to you for any loss of profit, loss of business, business interruption, or loss of business opportunity.

    We will not be liable for any loss or damage caused by a virus, distributed denial-of-service attack, or other technologically harmful material that may infect your computer equipment, computer programs, data or other proprietary material due to your use of our site or to your downloading of any content on it, or on any website linked to it.

    We assume no responsibility for the content of websites linked on our site. Such links should not be interpreted as endorsement by us of those linked websites. We will not be liable for any loss or damage that may arise from your use of them.

    Viruses
    We do not guarantee that our site will be secure or free from bugs or viruses.

    You are responsible for configuring your information technology, computer programmes and platform in order to access our site. You should use your own virus protection software.

    You must not misuse our site by knowingly introducing viruses, trojans, worms, logic bombs or other material which is malicious or technologically harmful. You must not attempt to gain unauthorised access to our site, the server on which our site is stored or any server, computer or database connected to our site. You must not attack our site via a denial-of-service attack or a distributed denial-of service attack. By breaching this provision, you would commit a criminal offence. We will report any such breach to the relevant law enforcement authorities and we will co-operate with those authorities by disclosing your identity to them. In the event of such a breach, your right to use our site will cease immediately.

    Linking to our site
    You may not link to our home page without our prior written consent.

    Third part links and resources in our site
    Where our site contains links to other sites and resources provided by third parties, these links are provided for your information only.

    We have no control over the contents of those sites or resources.

    Applicable law
    These terms of use, its subject matter and its formation (and any non-contractual disputes or claims) are governed by New Zealand Law. We both agree to the exclusive jurisdiction of the courts of New Zealand.

    Contact us

    To contact us, please mail to Fifo Capital International Ltd, PO Box 137375 Parnell, Auckland 1151, New Zealand, or email [email protected]
    Thank you for visiting our site.

  • Anti-Spam Policy

    What is spam?
    In the context of electronic messaging, spam refers to unsolicited, bulk or indiscriminate messages, typically sent for commercial purposes. “Electronic messaging” covers emails, instant messaging, SMS and other mobile phone messaging, but does not cover normal voice-to-voice communication by telephone.

    An electronic message may constitute spam if it:
    – is commercial in nature – i.e. it could be construed as offering a commercial transaction, such as goods or services for sale, or merely directing the recipient to a location where a commercial transaction could take place – is sent without the prior consent of the recipient;
    – fails to include accurate information about the sender; and
    – does not include a functional unsubscribe facility.

    Fifo Capital will take all necessary and reasonable steps required under relevant current Spam legislation to ensure that any commercial electronic messages sent to you do not constitute spam.

    Consent
    Fifo Capital will take reasonable steps to ensure that it has obtained your express consent prior to sending you electronic commercial messages about Fifo Capital’s products and services. Express consent may come in various ways, including subscribing to our mailing list, filing in a form, ticking a consent box to receive advertising or messages on our website, or consenting over the phone.

    Where it is impracticable to obtain your consent before sending electronic commercial message to you, we may infer that you have consented to receiving electronic commercial message. Inferred consent can occur:
    – via an existing business or other relationship with Fifo Capital, and where there is reasonable expectation of receiving commercial electronic messages; or
    – via conspicuous publication of a work-related electronic address; and
    – it is accessible to the public, or a section of the public
    – the subject of the message is directly related to the role or function of the recipient; and
    – the address is not accompanied by a statement saying no commercial messages are wanted.

    Identification
    Any commercial electronic message sent by Fifo Capital will include a clear and accurate identification information about Fifo Capital, the sender of the message and how we can be contacted. Fifo Capital will take reasonable steps to ensure that the identification information about Fifo Capital is accurate for a period of 30 days after the day on which you receive the electronic commercial message.

    Unsubscribing Policy
    Under Spam legislation, every commercial electronic message must contain a functional and legitimate ‘unsubscribe’ facility. This is an electronic address the recipient can use to tell the sender they do not wish to receive messages.

    Fifo Capital will take reasonable steps to ensure that:
    – all commercial electronic messages sent by us will include a functional way for the message’s recipient to indicate that they wish to unsubscribe from any future messages;
    – our unsubscribe links in any electric commercial message remain functional for at least 30 days after the original commercial electronic message was sent;
    – it allows the unsubscribe message to be sent to whoever authorised the sending of the message;
    the unsubscribe instructions are presented in a clear and conspicuous way;
    – a request to unsubscribe is honoured within five-(5)working days;
    – unsubscribing is at low or no cost, to the recipient.

    If you receive a message from Fifo Capital that is not in accordance with the above, contact us and the matter will be promptly investigated and resolved.

    Fifo Capital Unsubscribe Process
    The e-Marketing systems Fifo Capital uses for electronic communication allow recipients the option to automatically unsubscribe from any electronic commercial message.

    All manual unsubscribe requests go through the Marketing Manager or Operations Manager (as a secondary person). The necessary details for unsubscribing from any electronic commercial message sent by Fifo Capital are as follows:
    SMS: Subject Line: ‘Unsubscribe’
    Mail: Subject Line: ‘Remove’
    Post To: The relevant office as listed on the email
    Email: Subject Line: ‘Remove’
    Fax: Subject Line: ‘Remove’

    Fifo Capital Marketing
    Queries that are made with Fifo Capital through our marketing channels are gathered and kept confidentially. Fifo Capital may use some of this information to market its current and new products to customers. All marketing sent by Fifo Capital allows the recipient to opt out (unsubscribe) at no cost. If the recipient chooses to exercise that right they will be removed from any further marketing communication from Fifo Capital. Fifo Capital will not use electronic address harvesting software, or lists which have been generated using software, for the purposes of sending unsolicited commercial electronic messages.

    Contact Fifo Capital
    Please contact our Anti-Spam officer at [email protected] if you have any concerns or complaints about this policy or about our use of personal information or other privacy issues.

  • Information about our use of cookies

    Our site uses cookies to distinguish you from other users of our site. This helps us to provide you with a good experience when you browse our site and also allows us to improve our site. By continuing to browse our site, you are agreeing to our use of cookies.

    A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer’s hard drive.
    To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org.

    You block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site.

    If you have any questions or comments regarding this Cookies policy, please email [email protected]

  • Data Protection Policy

    See and print Fifo Capital’s data-protection-policy.

  • Terms and Conditions

    Fifo Capital understands time is critical when it comes to managing your cash flow – so our process is aimed to be as simple as possible.
    A Fifo Capital facility approval typically takes around 24 hours to set-up and depending on the required information supplied by customers, transfer of funds can take place in as little as four hours.

    The following covers the terms and conditions required for a four hour funds transfer to take place;

    1. Fifo Capital will tell the proposed client if the application is successful to receive funding. We can accept or reject the application at our sole and absolute discretion. If we accept the application the cash flow finance services will be provided solely in accordance with the documents we agree with the proposed client.
    2. Fifo Capital reserves the right to reject previously approved applications without notice and/or consultation.
    3. Fifo Capital’s application consists of a number of forms, however, not limited to fully completed and signed; Application, Receivables Finance Facility Terms and Conditions, Guarantee, Offer to Sell, and Privacy Consent forms
    4. To be eligible for a four hour funds transfer in relation to an approved application, the proposed customer must request or apply to Fifo Capital in writing before 12noon on the same business day. Such a request doesn’t guarantee the transfer will take place or funds cleared in the customer’s bank account within the four hour period.
    5. Should a four hour funding transfer request be approved, such a transfer can only be facilitated on a business day. A transfer request is not available on public or bank holidays, or weekends.
    6. Four hour funding transfers may incur a fee as detailed within the application.
    7. Fifo Capital’s aligned banks or financial institutions have the right to reject a four hour funding transfer request. Fifo Capital and its aligned banks are not liable for any loss or damages resulting from a funding transfer request not taking place or funds being cleared within a four hour period.
    8. Fifo Capital is a franchise business operation. Fifo Capital UK Ltd is the master franchisee and is therefore not responsible for the actions or inactions of its franchisees in relation to any funds transfer timing.
    9. Fifo Capital is not responsible for any loss or damages incurred or to be incurred by the would be or existing customer should a transfer not take place within or cleared funds not be received within a four hour period.

    To find out more about the full terms and conditions relating to our 4 hour funds transfer please contact Fifo Capital on 07812 334 564