Best Practices to Protect Your Business When Banking Online

April 21, 2014

Online banking has made it easier and more convenient to manage business finances, but it also provides an opportunity for hackers to gain access to business accounts with the goal of making unauthorized money transfers. The Better Business Bureau recommends small business owners implement a few simple steps to keep their financial information and transactions secure when banking online.

The Ponemon Institute survey of small businesses throughout the United States found that 55 percent of businesses responding have had a data breach, almost all involving electronic records, and 53 percent of businesses have had multiple breaches. 

“Small business owners might feel that they are flying under the radar of data thieves and hackers”, said Mechele Agbayani Mills, President and CEO of BBB Serving Central East Texas. “They are actually in the crosshairs, because they are easier targets.”

 According to the 2013 Verizon Data Breach Investigations Report, 40% of data breaches occur at the small business level. That’s why the BBB partnered with leading security experts to show small business owners that implementing a strong data security strategy doesn’t have to take a lot of time or resources.

BBB and partners Symantec Corporation, Visa Inc., Kroll’s Fraud Solutions and NACHA – The Electronic Payments Association created Data Security–Made Simpler, an online resource to help small businesses implement key data security policies and practices.

Data Security-Made Simpler tackles the key topics of small business data security including the following advice for small business owners to make secure online banking transactions:

1. Initiate a "dual control" payment process with your bank and employees. 
Ensure that all payments are initiated from your bank accounts only after the authorization of two employees. One employee will authorize the creation of the payment file and a second employee will be responsible for authorizing the release of the file. This process should be in place regardless of the type of payment being initiated...including checks, wire transfers, fund transfers, payroll files, ACH payments, etc.

2. Have dedicated workstations. 
Restrict the use of certain workstations and laptops solely for online banking and payments, if possible. For example, a workstation or laptop used for online banking should not be also used for Web browsing or social networking.

3. Use robust authentication methods and vendors. 
Make sure your financial service providers allow for "multi-factor authentication." This means that you need more than just a user name and password to access your account.

4. Update virus protection and security software. Ensure that all anti-spyware, anti-malware, and security software and mechanisms are robust and up-to-date for all computer workstations and laptops used for online banking and payments. Implement a process to periodically confirm they remain up-to-date. Security patches are often available via automatic updates.

5. Reconcile accounts daily.
Monitor and reconcile accounts daily against expected credits and withdrawals. If you see any kind of unexpected activity on your account, notify your financial institution immediately.

Data Security-Made Simpler was created by the BBB in collaboration with two nationally recognized data security experts, Dana Rosenfeld and David Zetoony.Small business owners can get additional advice and tips on improving data security at To report fraudulent activity or unscrupulous business practices, please call the BBB Hotline: (903)581-8373.