Background checks are a necessary tool in today’s sometimes violent and certainly litigious society. If a rug installation company was to hire an installer, who eventually rapes and kills a client, then the rug installation company would be held libel for the animals actions. This example is one that happens all too often.

It’s common sense to require employment background checks for school volunteers, coaches, teachers, janitorial staff and really, employees of all kinds. As a small business, one the worst thing you can do is hire an employee who becomes a legal liability or has a history of crime that comes back to bite you.

There are two ways of going about getting a criminal background check for employment:

#1 Private companies: These are information brokers who have huge databases containing public records and records from private sources.  The information on a background check might include all the addresses you’ve lived at, those you are related to, marital status, social media profiles, current and past employers, criminal histories, driving records and credit. There is also a litany of other information that may or may not be 100% correct.  These pre-employment background checks are generally a guide, but not absolute. A quick search on “Background Check” will provide dozens of resources.

#2 FBI Criminal Background Check: A true criminal record comes directly from the FBI or an FBI-approved Channeler, An FBI Identification Record—often referred to as a criminal history record or a “rap sheet”—is a listing of certain information taken from fingerprint submissions retained by the FBI in connection with arrests and, in some instances, federal employment, naturalization, or military service. The process of responding to an Identification Record request is generally known as a criminal background check.

The FBI offers two methods for requesting your FBI Identification Record or proof that a record does not exist.

Option 1: Submit your request directly to the FBI.

Option 2: Submit to an FBI-approved Channeler, which is a private business that has contracted with the FBI receive the fingerprint submission and relevant data, collect the associated fee(s), electronically forward the fingerprint submission with the necessary information to the FBI CJIS Division for a national criminal history record check, and receive the electronic record check result for dissemination to the individual. Contact each Channeler for processing times.

Robert Siciliano personal and small business security specialist toADT Small Business Security discussingADT Pulse on Fox News. Disclosures

As spring is in full swing, so are the advertisements for upcoming concerts. I, for one, look forward to getting on my Harley, snagging easy parking, and taking in a few shows this year. And, as with all seasonal activities and events, scammers are gearing up to take advantage of another opportunity to prey upon unsuspecting victims looking for a last-minute deal.

There are many options for purchasing tickets online, but not all are safe and secure. One Forbes blogger revealed how he was scammed when attempting to purchase NFL tickets. And how did he encounter these scammers? Through Craigslist.

“The seller had a Gmail account and a cell phone number and a plausible-ish explanation about why he couldn’t use them, and he was willing to meet her in person to hand them over, and they looked more or less like the last tickets I bought. So we bought them. And we went to the stadium gate, where the guy who scanned our bar codes told us we had to go to Will Call, and the lady at Will Call took one look at our tickets and pronounced them fakes.”

Ticket scams have been occurring for years. When a ticket is nothing but a piece of paper with a barcode that will be scanned at the event entrance, counterfeiting is child’s play. Some events provide wristbands to ticketed attendees, which can also be easily faked.

To avoid scams, buy tickets directly from the box office, the venue’s official ticket exchange, or any other popular website or major brand specializing in ticket sales. The blocks of tickets sold by resellers are generally legit, but have the reseller walk you to the gate and get confirmation from a ticketing agent before handing over any money.

Exercise extreme caution when using Craigslist. Do not trust watermarks, barcodes, and other low-tech security features that make tickets slightly more difficult to recreate, but are often lost on the general public when it comes to determining authenticity. A ticket may look real, until a ticket agent scans it and you are denied entry.
One way that online ticketing providers are fighting back is through the use of device reputation technology. This allows them to uncover computers and related devices that are responsible for fraudulent activity at the point of sale, and deny transactions from these devices. This kind of visibility gives ticketing services businesses a powerful advantage by allowing the to easily identify and block scam artists before the damage is done. One ticketing provider alone reduced total fraud losses by 98% with device reputation.

Robert Siciliano, personal security and identity theft expert contributor to iovation, discusses identity theft  in front of the National Speakers Association. (Disclosures)

The Occupational Safety and Health Administration (OSHA) provide an exhaustive (and exhausting) detailed reference of fire safety standards here. Many states such as IOSHA (Indiana) have adopted these workplace safety tips and summed them up different fire hazards in a convenient way:

General Fire Safety Tips

To eliminate fire hazards, you can install a fire alarm system and look for potential sources of fire ignition which may exist in your facility, such as:

Electrical Failures and Misuse of Electrical Equipment

You can reduce electrical fire hazards by ensuring proper installation, maintenance, and use; conducting regular inspections; and, providing job training to employees. Also, be sure to replace worn electrical cords and avoid overloading electrical circuits.

Housekeeping and Maintenance

You can reduce the potential for fires through attention to housekeeping. Immediately dispose of flammable wastes and scrap in metal containers with metal lids. Avoid excessive stockpiling, and put trash and paper in proper containers.

Path of Travel

Do not store flammable material in any part of a means of egress. If the path that your employees must travel to leave the building is not immediately apparent from any point, mark the route with directional signs

Exit Doors

A door designated as a means of egress must be maintained so that employees can easily exit.

Do not lock exit doors; doing so prevents escape from inside the building.

Doors shall never be chained, barred, bolted, or latched when the building is occupied.

Prohibit the use of locking devices that are difficult to open against door pressure (e.g., slide bolts, hasps, hooks and eyes).

Prevent the door from being blocked by debris, surplus stock, mechanical equipment, or ice and snow.

Maintain all door components in working condition.

Robert Siciliano personal and small business security specialist toADT Small Business Security discussingADT Pulse on Fox News. Disclosures

EFTPOS skimming has become increasingly prevalent over the past few years. EFTPOS skimming—which stands for “electronic funds transfers at the point of sale”—involves either replacing the self-swipe point of sale terminals at cash registers with devices that record credit and debit card data, or remotely hacking a retailer’s POS server.

In one such case, Romanian hackers are alleged to have remotely accessed hundreds of small businesses’ POS systems and stealing enough credit card data to rack up fraudulent charges totaling over $3 million. The hackers’ targets included more than 150 Subway restaurant franchises and at least 50 smaller retailers.

Officials report a wave of credit and debit card attacks, involving point of sale terminal swapping, data skimming, and hacking into payment processors. The U.S. Secret Service, for example, will not disclose details about specific cases, but confirmed, “they are conducting a multi-state, multi-country investigation into this string of crimes.”

Meanwhile, the Oklahoma Bankers Association has stated, “It is beyond apparent our bankers are taking great losses on these cards and we also need to explore creative ideas to mitigate these losses. It is in the best interest of retailers, bankers, processors and card providers to find ways to limit these losses so that debit and credit cards can remain a viable method of payment.”

When the use of these stolen credit cards go online, iovation’s ReputationManager 360 helps banks and online merchants avoid fraud losses by detecting high-risk behavior and stopping cybercriminals in their tracks. iovation’s device identification and device reputation technology assesses risk on activities taking place at various points within an online site such as account creation, logging in, updating account information, attempting a purchase, or transferring funds. These checks can be customized and fine-tuned to suit the needs of a particular business, detecting fraudulent and risky behavior in order to identify and block cybercriminals for good.

Robert Siciliano, personal security and identity theft expert contributor to iovation, discusses POS skimming on CBS. Disclosures.

Most of us have read the resume of a friend or family member and did a double take and asked “Is this really you?”

Resumes are designed to express to a potential employer your work history and skill sets. They are designed as a guide for an employer to use as a checklist to evaluate your potential. A well written resume with the right content coupled with a good interview is an interviewees best shot at getting a job.

The problem with resumes is they are created based on the honor system. Resume fraud is on the rise and honesty is in short supply these days. And while a potential employer can certainly conduct due-diligence with a series of reference checks, the information on a resume is often exaggerated and candy coated.

As a small business you can use these hiring tips to see through the smoke and mirrors and get to the point.

#1 Confirm education degrees. Any claims to any qualifications must be vetted by contacting the issuing institution to verify legitimacy and current status. If they say they attended a college be sure it wasn’t just a Springtime Kegger.

#2 Confirm all professional licenses. Most states of licensing boards online that allow for quick checks on the current status of professional licensing. Many national trade associations provide similar services. But make sure the National Association of Supreme Mechanics or whatever is recognized by another familiar organization.

#3 Confirm employment history. It’s not enough to know they worked there. You want to know that in-fact they did and why they aren’t.

#4 Inquire about resume gaps. Extensive gaps in employment might be a sign they left a job on bad terms and didn’t notate it on a resume. Background checks may show those previous non-listed jobs.

#5 Google them. Look on LinkedIn, Facebook and elsewhere. An exhaustive search of their given name, nicknames and social media handles/monikers might bring up damaging information that will help you make an effective decision.

Robert Siciliano personal and small business security specialist toADT Small Business Security discussingADT Pulse on Fox News. Disclosures

Spammers send unwanted emails or texts that are both annoying and frightening. Most spam messages are useless advertisements selling stuff you don’t need or want.

In 1995, 8,069 unique pieces of malware were detected. One out of 20 emails were spam, and the Melissa virus infected hundreds of thousands. By 2010, 54 million unique pieces of malware were detected and more than 90% of all email was spam.

SMS spam (or spam via texting) is so prevalent today because those sending it are often scammers using robocall techniques that sequentially dial numbers in any area code and extension. An online search for “mass sms software” turns up plenty of free and low-fee programs that facilitate mass texting.

Also, when you enter your mobile number on a website you might end up clicking a terms of service agreement where you allow the company to send you text advertisements. And entering your information on a mobile app is no different. If you are not careful, you could unknowingly be opening yourself up to spam from the app and any third parties they work with.

While spam is mostly annoying, it can also pose some risks to you. You could even be tricked into paying for products and services that turn out to be illegitimate or nonexistent. Spam can also be used to distribute Trojans, spyware, and exploit code that can infect your mobile device or steal your information.

To protect yourself from SMS spam, you should:

Unsubscribe to unwanted text messages – Try to reduce the amount of marketing lists that have your mobile number, If you haven’t signed up to receive text messages from an organization and don’t recognize the sender, don’t open the text or unsubscribe from the list, since this lets the spammer know that your phone is active. The best thing to do is just delete the message.

Protect your mobile phone number – Don’t give your mobile number to companies or people you don’t know. And, if you do need to give out your mobile number, make sure you should understand the company’s privacy policy to see if your information is being shared with any third parties.

Use great caution when opening attachments - Never open unsolicited business emails, or attachments that you’re not expecting—even from people you know.

Watch out for phishing scams. Don’t click on links in text messages. Instead, open your mobile browser and visit the site directly.

Do not reply to spam. Never send your credit card information, Social Security number, and other private information via email or instant message.

Watch your permissions – Make sure you know what information your apps have access to as you may be allowing them to send you text messages by just downloading the app. Read the reviews and privacy policy for the app.

Taking the time to practice some simple steps will help protect you against the risks of spam.

Robert Siciliano is an Online Security Evangelist to McAfee. Watch him discussing information he found on used electronic devices YouTube. (Disclosures)

Phishing occurs when scammers send emails that appear to have been sent by legitimate, trusted organizations in order to lure recipients into clicking links and entering login data and other credentials. SMiShing is a version of phishing in which scammers send text messages rather than emails, which, as with phishing emails, appear to have been sent by a legitimate, trusted organization. The terms reference a scammers’ strategy of fishing for personal information.

For instance, you could receive an email or text message from someone posing as your credit card company, asking you to confirm your account numbers or passwords.  It’s much easier to fall for these tricks on your mobile device because a lot of the things you can do to check if an email is legitimate are not available.

For instance, because of the limited screen space on your mobile device, you probably can’t see a site’s full web address, or an email sender’s full return address. Without being able to see a full address, it’s difficult to tell if the website or sender is legitimate. You also can’t “hover over” a link like you can from your computer and get a preview of a linked word or graphic.

Another factor is the “always on” nature of mobile devices. Most mobile users are more likely to immediately read their email messages and forget to apply their security practices, such as checking to see if an email is from someone they know and if any included links appear real. Because messages are checked continuously, you are more likely to encounter phishing attacks within the first few hours of launch, before security filters have a chance to mitigate the threat.

If you do click on a dangerous search result or stumble upon a malicious webpage, you could wind up accidentally downloading malware onto your phone, or simply run into inappropriate content.

To protect yourself from a mobile phishing scam, you should:

Don’t click on any links from people or companies you don’t know

Even if you do know the person or company who sent the email or text, take the time to double-check a website’s address and make sure that it appears legitimate.

Be wary of any retail site with deeply discounted prices, and always check other users’ comments and reviews before purchasing online.

Rather than doing a search for your bank’s website, type in the correct address to avoid running into any phony sites, or use your bank’s official app.

Use a comprehensive mobile security product such as McAfee® Mobile Security, which offers mobile antivirus protection, safe search, backup and restore functions, call and text filtering and the ability to locate your phone and wipe personal information in the case of loss.

The best protection from this scam is awareness. Once you understand how it works, you are better positioned to recognize mobile phishing, and how to avoid clicking links within emails or text messages or otherwise responding to such ruses.

Robert Siciliano is an Online Security Evangelist to McAfee. Watch him discussing information he found on used electronic devices YouTube. (Disclosures)

Going “Green” isn’t a fad, it’s necessary to save the planet. If you have watched any of the documentaries on the Discovery Channel about how the polar icecaps are melting then you might have the same sick feeling in the pit of your stomach like I do.  Conservatively, sea levels will rise around 2 feet in the next 100 years, and that’s just the beginning.

The Small Business Administration and numerous other resources are available to help small business go green.

Whether you own or lease your building, you typically need lighting, heating, air conditioning, power for office equipment, and other services to stay in business. This guide will help your business be more energy efficient.

Become Energy Efficient: Virtually any small business can improve its energy efficiency easily and cost-effectively, using the numerous resources that are available both from ENERGY STAR and a wide variety of other organizations.

Energy Saving Tips: Good energy management is good business. The prudent and conservative use of energy is one of the easiest and most cost effective steps you can take to cut operating costs and increase profitability.

Calculate Energy Savings: Get tools and resources to help you calculate energy savings from your energy efficient upgrades.

Sustainable Business Practices: After making energy efficient upgrades, you may also want to consider taking additional steps to implement sustainable business practices that help protect the environment.

Energy Efficient Upgrades: Learn about energy efficient upgrades you can make to your facilities to lower energy costs and conserve energy.

For Specific Businesses: The types of energy efficiency upgrades that provide the largest cost savings depend on the kind of business you are running.

State and Local Energy Efficiency Programs: Here you will find a listing of state, local and regional programs that help small businesses become energy efficient. These programs offer financial assistance in the form of grants and loans for making energy efficient upgrades.

The clock is ticking. The time is now. Let’s work together to save our planet.

Robert Siciliano personal and small business security specialist toADT Small Business Security discussingADT Pulse on Fox News. Disclosures

Go through your smartphone right now. Look at each app and seriously consider whether you need it. If not, delete it. Then, determine which of the free apps are worth upgrading to the paid versions, since free apps that contain advertising that puts an additional drain on your battery.

Using a special energy-profiling tool, researchers from Microsoft and Purdue University found that when a mobile is run over a 3G connection, Android and Windows Mobile apps operating third-party ad services dedicate up to 75% of their power requirements to ads rather than game play.

Applications often communicate with their sources, transferring data back and forth between your mobile phone and the app’s home server. This information could be about you, gleaned from your mobile use, or it could be new advertising. The most effective way to deal with this is to either delete the app, or in some cases you are given an option to prevent it from running in the background.

But don’t stop there. There are numerous other battery drains affecting your smartphone. To preserve battery life:

Set your phone to lock automatically after being idle for one minute

Disable Wi-Fi and Bluetooth when they are not in use

Disable all unnecessary notifications

Disable any unused location services

It’s also a good idea to get yourself set up with extra chargers for your car, travel bag, and various rooms of your home. I like getting a mix of extra long and very short cables for different applications. They can often be found inexpensively on eBay.

Robert Siciliano is an Online Security Evangelist to McAfee. Watch him discussing information he found on used electronic devices YouTube. (Disclosures)

A week doesn’t go by where we see news reports of a single house fire, small or large multi family building go up in flames. Dozens of people are displaced and often, someone dies. But when you think about it, fires in businesses seem to be less common.

This is probably due in part to businesses being more regulated along with having better fire safety rules in place to recognize and prevent vulnerabilities. According to the Bureau of Labor Statistics’ Census of Fatal Occupational Injuries Charts for 1992-2007, fires and explosions accounted for 3% of workplace fatalities in 2007.

IOSHA (Indiana) have adopted Federal OSHA fire prevention guidelines and summed up a fire safety checklist.

Fire Exits

Employers must provide a means of egress for employees’ use in case of fire, explosion, or natural disaster. A means of egress refers to the route your employees are to follow through the building, the exit door, and away from the building.

Fire Exit Signs

Be sure that exits are designated by a sign that is readily visible and identifiable from the distance that employees will have to travel. Fire exit signs must have letters at least six inches high and three-fourths (3/4) of an inch wide and must be illuminated by a light source or internally illuminated.

Portable Fire Extinguishers

These rules establish the minimum requirements for provision and maintenance of portable fire extinguishers. Different types of extinguishers are required based on the type of hazard at the location. As the employer, you must be aware of circumstances in your workplace that determine whether unique conditions exist that create a greater fire hazard. Contact your local fire department or fire marshal to obtain additional information or assistance with this determination.

The type of fire extinguisher needed depends on the type of fire hazard present. A fire is classified based on what fuels it. Extinguishers are rated by which types of fire they can put out, as follows.

Fire Extinguisher Classes

Class A:   For use on wood, paper, cloth;

Class B:  For use on gasoline, paints, oil;

Class C: For use on electrical wiring, fuse boxes; or

Class ABC:  For use in extinguishing fires from a variety or combination of fuel types.

Employee Training

Train employees on evacuation procedures to follow in case of a fire or other emergency.

Also, provide directions on proper use of fire extinguishers, if employees will be expected to use them. Most fire extinguishers follow this technique (pull, aim, squeeze, and sweep):

1. Pull the pin or release other locking device.

2. Aim the extinguisher nozzle (horn or hose) at the base of the fire.

3. Squeeze or press the handle.

4. Sweep from side to side at the base of the fire. Watch for reflash. Discharge the contents of the fire extinguisher.

Check the instructions for the extinguishers in your facility, as foam and water extinguishers require slightly different action.

Robert Siciliano personal and small business security specialist toADT Small Business Security discussingADT Pulse on Fox News. Disclosures