How to implement a million dollar security team for your personal finances
Background: I have been employed as an Information Technology professional since 1987 and certified as a Law Enforcement officer since 2000. During that time, I have been responsible (either solely or as a key decision maker) in protecting the assets of companies ranging in size from $1 million to $2+ billion dollars, in a variety of industries, and within the scrutiny of a variety of audit standards.
During that time I discovered that, although the names of the products and / or techniques changed frequently, the underlying concepts were the same. In this article, I will present a high level view of the 5 most important tactics and how they translate to your personal life.
I have listed the tactics below, each one followed by an Analogy to help you understand the concept, along with an Application to understand how to apply this to your personal finances.
- Isolate - Enterprises take great measures to isolate, both physically and virtually, to the greatest extent possible. Servers, users, and applications are all limited as to who else they can interface with and specifically how they are allowed to interact. As a result, even if a thief is able to compromise an application or server it does not give them the "keys to the kingdom".
- Analogy - Think of bank safe deposit boxes. Even if you manage to steal a key and break into a bank, each of the boxes have individual locks so you can only steal from the boxes you have keys to.
- Application - Every login i.d. you use should have a separate password. The tendency is to pick a password that you feel is "good" and then use that password at every site. In doing so, you allow a hacker that steals your user name and password at a low security "casual" website (i.e. a message board or hobby website" and then use those same credentials at other websites.
- Analogy - Think of when you check on your children or pets after you've tucked them into bed at night. You know that you tucked them in, that they are safe in their room or crate, but that extra check only takes a few seconds and allows you to verify that they are safe.
- Application - You should check transaction activity on every open account at least ever month if not more often. I recommend doing so daily (don't worry, there are free tools that make it effortless) as the quicker you can detect a thief the less damage they have time to cause. This includes your checking account, savings account, and most importantly, all credit cards including the ones you "never" use.
- Analogy - Think of the spell check feature in your word processor. Very few people intentionally misspell a word, yet how many documents have you written a document without a misspelled word? Spell checkers automate the process and escalate exceptions to "the human" to react accordingly.
- Application - Automate as much as possible so you can focus on the exceptions. This includes downloading your activity when possible (instead of relying on manual entry), using a program or website to reconcile your balances, and taking advantage of the free websites that provide an analysis of your transactions.
- Analogy - Think of a weather radio. Humans have the ability to check weather reports 24 hours a day, seven days a week but seldom do as severe weather is sporadic and can often occur when we are preoccupied or even sleeping. Weather radios, in response to an alert from weather monitoring services, proactively alert us when there is something we need to pay attention to.
- Application - Take full advantage of the alerting capabilities included with your online tools and banking institutions. Most banks offer low balance alerts as well as alerts when a transaction exceeding a dollar value is made. The online tools I use will also alert me when suspicious activity is detected, a finance charge is made, or if an address change is made on any of my accounts.
- Analogy - Think of any criminal case you've ever seen on TV or perhaps been affected by. In each of those cases the holy grail is the "smoking gun" that undeniably links the criminal to the crime. The court system loves prove, and few things are as persuasive as cold, hard data that has been preserved and unaltered.
- Application - I highly recommend switching to electronic statements for a variety of reasons, not the least of which being ease of storage. Most institutions will store at least of year of statements for you and the online tools I use allow for at least 5 years, sometimes allowing for infinite storage. When you detect a thief, it is imperative that you be able to produce proof to law enforcement and the ability to give a history of their activity or "tracks" are extremely hopeful.
Thanks for reading this article. I hope you were able to find at least one tip to put to good use and perhaps prevent a future theft.