
Clear your copier’s hard drive. When you make a physical copy of sensitive data, that information doesn’t necessarily disappear when the paper is shredded. Nearly every copier contains a hard drive, which means it stores a copy of every document you scan, print, copy, or fax through it.
If you decide to sell or stop using a copier, make sure you clear its hard drive first. Also, consider purchasing security or encryption for your copier, which most manufacturers offer.
Keep your software up to date. Hackers focus on weak spots in software. When the companies who make software uncover the weaknesses, they release software updates, also known as patches, to fix them. Keeping your software updated can reduce your vulnerability.
Limit your data. Don’t collect information unless it’s essential to your business. When you have critical data, limit the number of places where you store it. Purge the data when you no longer need it.

Don’t be the victim of fraud. When thieves steal bank account or credit card information, they typically work fast to make purchases before the account is shut down.
Be alert when you accept credit card payments. If someone from out of the area tries to purchase merchandise over the phone or online and pushes for speedy shipment, it’s good to be suspicious. Ask the credit card company or bank to contact the account holder to verify the transaction.
If you accept cheques for payment, always require two forms of identification, including photo ID. If you’re not selling in an area known for tourism, consider accepting only local cheques. If someone gives you a certified, cashier’s, or personal cheque after hours or on weekends—when you can’t verify the funds at your bank—think twice about accepting it.
Speak with IT. E-commerce provides opportunity for your business, but it also increases your risk of data breach and cyber-related security issues. Be sure your IT department or e-commerce providers have sound security protocols in place. Ask them to create data breach emergency response plans if they don’t already have one in place, and stress your concern about protecting personally identifiable information.
Make sure you’re covered. If a data breach occurs, it’s not something you can keep quiet. Provincial and federal laws may require you to notify customers and a simple “I’m sorry” letter might not be enough. Ensure you’re prepared for the public relations headaches and credit monitoring that could be involved with a data breach by contacting your insurance provider.
David J. Sexton, CPCU, is vice-president of loss prevention consulting at Jewelers Mutual Insurance Co., in the United States. A graduate of the University of Wisconsin, Sexton serves on the Underwriters’ Laboratories’ (UL) Security Systems Council, where he is a corporate member of the insurance category. He also sits on the board of directors for Jewellers Vigilance Canada (JVC), and worked on the Central Station Alarm Association’s (CSAA’s) Insurance Liaison Committee that assisted in the development of the UL burglar alarm modular certificate program and revised UL standard. Comments and questions can be sent to Sexton via e-mail at lossprevention@jminsure.com.
For training resources regarding safety and security when carrying or working with jewellery, visit JM University at JewelersMutual.com. Jewelers Mutual Insurance Company is the only company specializing exclusively in jewellery insurance in the United States and Canada. It is licensed in all 50 U.S. states and Canada.