Show download pdf controls
  • How to protect your business

    Identity thieves can get your business details by:

    • breaking into your business and stealing your records
    • taking a photo of your business or employee details
    • stealing your passwords, account logins or myGovID details
    • obtaining access to your data through legitimate means (for example, a malicious employee targeting vulnerabilities in your systems or security controls)
    • using compromised emails with malicious links or programs
    • sending emails to phish for information from your business
    • exploiting non-secure or easy to access software.

    On this page:

    Media: Protect your business against identity crime http://tv.ato.gov.au/ato-tv/media?v=bd1bdiunji3ij9External Link (Duration: 1:18)

    Know what to protect

    Identity thieves may target your:

    • myGovID
    • business activity statement
    • employee's (or employees') personal information
    • business records containing personal or business information.

    Secure your business premises

    It only takes a few moments for thieves to photograph or steal information at your workplace. You can help keep your business, customer and employee information safe by:

    • installing physical barriers such as locked doors and windows
    • ensuring you have appropriate alarm systems in place
    • filing documents containing personal and business information in lockable storage units.

    Secure your systems

    To protect yourself and your business from identity thieves, we recommend:

    • securing your business files and employee information when they are not in use
    • changing all passwords on a regular basis
    • ensuring all employees log out of systems and lock computers when not in use
    • making sure your computers and other devices have up-to-date security and anti-virus software.

    When sourcing software for your business you may wish to confirm with the vendors:

    Protect your myGovID

    myGovID offers a greater level of security with identity document verification, compared to username and password credential and SMS verification codes.

    If you are aware or suspect that your myGovIDhas been inappropriately accessed, you need to report this immediately.

    Contact the myGovID support line on 1300 287 539 (select option 2 for myGovID enquiries) between 8.00am and 6.00pm AEST, Monday to Friday.

    International callers can contact us by phoning our switchboard on + 61 2 6216 1111 between 8.00am to 5.00pm AEST and request your call be transferred to the myGovID support line.

    See also:

    • Visit myGovIDExternal Link for more information and tips about my GovID security and staying safe online

    Ensure you have internal controls

    You can protect your business and employees by:

    • performing background checks on new employees
    • restricting new employees' access to systems and credentials
    • being able to track employees’ actions when dealing with sensitive and personal information.

    Complete our online security self-assessment

    As a taxpayer you can play a big part in protecting your records, client information and your employee information and making sure it is safe online. We encourage you to remain vigilant, take precautions, address security, and uphold your client and business privacy by assessing your online practices at least quarterly.

    You can use our online security self-assessment questionnaire to:

    • identify areas where you can improve your online practices and processes
    • understand and identify your established online security measures
    • get more information and resources to help improve your online security measures.

    The questionnaire is voluntary and anonymous – we don't record any of your personal information.

    Next step:

    See also:

    Last modified: 15 Apr 2020QC 50499