According to the 2013 Identity Fraud Report by Javelin Strategy & Research, identity thieves stole more than $21 billion dollars from 12.6 million victims in 2012 — the highest amount since 2009.

Even worse from a small business standpoint, fraud victims tend to become more careful about where they shop after having their identities stolen.

According to the Javelin study, 15% of all fraud victims decided to avoid smaller online merchants after an incident — an even larger number than those who avoid gaming sites or large retailers.

So how can you protect your customers’ sensitive information and avoid taking a major hit?

Review Your Employee Internet Policy

One of the ways hackers can gain access to a company’s sensitive documents is by taking advantage of existing security breaches. Unfortunately, many of these come from employees who aren’t careful enough about their online browsing while at work.

Employees who conduct their online shopping from work computers may be setting their employers up for trouble, since hackers regularly target ecommerce sites. A worker who unknowingly visits a compromised site can introduce malware into your company’s system, granting the hackers access to customer information stored on your servers.

A comprehensive training program about safe browsing and internet security, as well as frequent refresher courses, can help keep your customer data safe.

Encrypt Sensitive Files

Encrypting sensitive information like your customers’ personal and financial information can help protect you, even if a hacker gains access to your system. Make sure any data sorting tools you’re using, such as Syncsort, are protected.

Even with savvy employees working for you, a virus or other malware can get into your system. Encryption provides a crucial second layer of protection for you and your customers.

Limit Your Personal Customer Information

The more personal details you require from customers, the more risk you take on.

This is especially true if you’re using your customers’ social security or driver’s license numbers as account numbers.

If your business requires you to ask for private information, don’t do it in front of other customers, and keep all computer screens turned away from customer view.

Know Vendor and Contractor Policies

It’s not just your internal employees who may have access to private customer information. Vendors and contractors, such as website designers or payment processors, may also be able to get into these private areas.

Talk to these contractors before they do any work for you. Find out what measures they take to protect your and your customers’ information, and lay out terms defining who is going to be responsible in the case of a breach.

Identity theft isn’t just costly for the immediate victim. Exposing your customer information to hackers may leave you open to liability. Even if that’s not the case, your business is going to suffer when word gets out that fraudsters gained access to your customer data.

By educating yourself and employees, and taking steps to keep customer information under lock and key, you can keep both your customers and your business safe.

Photo credit: creditrepair.com

About the Author: Freelance blogger Angie Mansfield covers a variety of subjects for small business owners. From business growth to marketing to social media, her work will give you tips to keep your business running smoothly.