While the Internet, mobile computing and online advertising can help small fries compete with larger rivals, these digital tools also invite plenty of risk. Our advice: Don't be a Luddite, but don't lie awake at night, either. Do something about it.
Fraud, for example, is a risk any business must deal with. Last year, North American merchants lost $3 billion because of online payment fraud (purchases made with stolen or unauthorized account information), according to research commissioned by CyberSource, an e-commerce and fraud prevention firm.
Giving orders the smell test is a no-brainer. Last year, 97% of businesses used at least one type of fraud detection tool, according to the report, and most used three or more.
- Slideshow: The Top Five Digital Threats To Your Business
- Slideshow: What Was The Greatest Risk You Ever Took?
- Slideshow: The 7 Scariest Hospital Complications
Verifying customer addresses against a database, which 79% of merchants did last year, was the most common technique to detect fraud. And almost 70% of merchants used services that check a card's unique verification number, which theoretically verifies that the purchaser is holding the actual card in their hand.
You can feel comfortable using popular e-commerce transaction tools like eBay's PayPal and Google Checkout, which use the typical address- and card-verification techniques plus some bonus risk models and fraud prevention systems.
But if you're paranoid, or conduct a lot of e-commerce, think about adding extra screening tools.
For example, Visa and MasterCard each offer extra card-verification systems, which are growing in popularity.
Through "Verified by Visa" or "MasterCard SecureCode," cardholders set an extra password for online purchases, beefing up security. Almost 30% of merchants supported these programs last year, and 16% more may pile on this year, according to CyberSource.
Then there are all those pesky digital intruders. Hackers have a host of incentives to get their slimy hands into your company's network. And because your small business probably can't budget for (and probably doesn't really need) a dedicated IT department, it's up to you to protect yourself.
- Slideshow: Seven Reasons Your Claim Will Be Denied
- Slideshow: Ready To Turn Your Business Into An Empire?
Hackers are usually after financial information like credit card and bank account numbers, which they'll use to make phony purchases or just nab cash. They might also try to piggyback on your broadband Internet connection in hopes of turning your computer into a spam e-mail server or using it to click on text ads at their own Web sites, artificially boosting their revenue.
Most hackers get into your system because you let them: The software you install--either on purpose or by accident--gives them access to your computer through your Internet connection.
"Key-logging" software records everything you type, including credit card numbers, and sends it back to home base. Sometimes, so-called "spyware" is attached to free software that you download from the Web. Other times it's disguised, like an e-mail attachment that says it's a family photograph or a fun game, or a pop-up Web ad that links to a spyware installer.
With all those holes in the system, thwarting hackers calls for a mix of common sense, technique, software and hardware.
First, make sure every computer has a strong password. System passwords should be as long as possible and should include both uppercase and lowercase letters, numbers and special characters such as punctuation marks. This will help prevent hackers from guessing their way into your computer.
Next, make sure all of your company's computers have up-to-date anti-virus and anti-spyware software -- products from Symantec and McAfee are popular. Set automated, regular scans, and don't skimp on renewing your subscription. This software is worthless if it's not current.
Likewise, keep all of your business software updated, from Microsoft Windows to Web-based discussion-board and blog software. Hackers like to sneak through holes in older versions.
Modern operating systems like Windows and Apple's Mac OS X have built-in software called a firewall, which blocks some doors that hackers try to punch through to get at your information. Keep this feature on by default.
If you have critical customer data on hand, like Social Security numbers or financial account information, consider using encryption software that scrambles the files until they're unlocked with a password. Premium versions of Windows Vista let you encrypt your whole hard drive using a feature called BitLocker, and Mac OS X has a built-in encryption app called FileVault.
Sadly, your own employees can be just as harmful as outside intruders. Restrict their access on company computers so they don't accidentally install spyware or other applications that crack open security holes. Archive all outgoing e-mails sent from corporate accounts. And if an employee resigns or is terminated, immediately remove their access privileges.
Finally, don't forget one of the greatest--and most embarrassing--digital threats: losing your laptop or smart phone.
To reduce your risk, hide laptops or lock them to a stationary object as often as possible. Barricade operating systems with a strong password, and avoid carrying sensitive data at all. If you must carry important files, encrypt them.
Smart phones, smaller still, can easily take a walk. If something bad does happen, devices such as Research in Motion's BlackBerry and other gadgets running the Windows Mobile operating system can often be "wiped" remotely. Ask your wireless provider about this feature.
Remember: You have much more to gain than lose by doing business digitally -- as long as you manage the risks.
