Embezzlement: Password Protection

Dec 13, 2016 | News, Security, SJCC

Executive Summary:  Protecting your company passwords is like protecting any other asset.  Protect them or risk losing confidential information and/or thousands of dollars.

What is embezzlement?  This subject is one that should primarily concern company owners, but also employees.

Embezzlement is a crime punishable by jail time and/or fine depending on the state; it is the stealing of funds or property by a trusted protector of these assets.

In construction companies, we hold an abundance of data.  Some of these data include plans and specifications, proprietary or confidential property information, and banking and travel information.  The assets vary by size depending on the construction company, but can be large in value.

If someone steals the site plan to the local church, that may not be a big deal.  But stealing Government files or the P&ID drawings to an ethanol plant may get you in hot water.

Password protection.  We all have a list of passwords which permits access to our perianal or company accounts:  bank, credit card, utility, rental car, airplane, office supplies, fuel, and online shopping.

There are several ways to protect these passwords.  Here are some handy suggestions for you to consider:

  1. Apps like LastPass or 1Password can keep track of your passwords across all of your devices, mobile and desktop. This will make it easy to remember even the most complicated of passwords.
  2. If any of your apps or services allow for 2FA (two-factor authentication – most do), enable it! 2FA is where a second device is used to verify that it’s indeed you that is logging in. So for instance, when you log into your Gmail, along with your password, it will also require a text or code that you’ve setup via your mobile device.
  3. Services (often free) like Haveibeenpwned.com track and will give you heads up about companies and services that have been breached. If they detect your email address among the stolen information, they’ll let you know so you can take necessary measures.
  4. Keep those passwords complicated, but easy to remember. I know that sounds like an oxymoron, but by developing a pattern for your passwords, you can easily remember longer & more difficult passwords. The longer the password, the better and don’t forget to use uppercase, lowercase, numbers, and special characters like !@#$%^&*().

Overall, it’s good to change your password frequently. Every six months is good, or whenever you hear of some hack or password breach on the news… which ever comes first. (Probably the report of a hack on the news). That’s a good way to remember when to change your password, so you’re not the next to be reported about!

Bonus advice:  see your banker.  Whether you have a small, medium, or large company, there’ll come a time when your banker pulls you aside and suggests that you take active measures to prevent embezzlement.  They share this with you because they have seen other companies become victims of their own employees.  Talking to your banker about how to protect cash and other assets is a free consultation.  Do it!

The story.  I have more than one of these stories unfortunately, but the first one involved an employee who had access to my airline account.  She was responsible for setting up my flights across the country.  One day I went in to make a change to my flight, and there was a flight purchased to San Diego.  It wasn’t my flight; she had bought herself a ticket without my permission.  A couple hundred dollars was not the scary thing – it was that she also cut company checks.

Recent Articles

Leave A Comment