How to Avoid Intrusion and Account Takeover

The use of computers in business is as necessary as breathing fresh air. Businesses with access to public information such as credit card numbers, social security or employment identification, dates of birth, names, and addresses must maintain a secure computer server system. A robust router with firewall protection is needed to prevent external threats. Each employee must be assigned password access to their systems with no password sharing, proper log maintenance, and access limited to the programs to which they need access to prevent internal threats. It is also essential that internal accounting controls and separation of duties be maintained regarding handling cash and records.

With these security measures, the system will not be as vulnerable to ransomware, account takeover, theft of intellectual property, and embezzlement.

In 1986 the US Congress passed the Computer Fraud and Abuse Act, now codified under 18 USC 1030, which makes it a federal crime to gain unauthorized access to protected computers, otherwise known as hacking if done with the intent to defraud or damage.

In Texas, unauthorized computer access (Hacking) is a misdemeanor under the Texas Penal Code Section Chapter 33.023(c), which could be elevated to a first-degree felony depending on the amount of money stolen or how much damage was done to the network.


A prosperous small business allowed a part-time employee to access the company network to improve their website. In the process, the employee took over the company’s administrator role with the Internet Service Provider and shut down the owner’s email and access to the ISP. In addition, he hacked and downloaded the entire accounting system, vendors, customers, and emails without the business owner’s knowledge.

Lesson learned: Business owners should employ a reputable company to maintain their network and systems. They should not allow anyone into your network or website without a background check, researching the company, and talking to others. The data maintained on your business computer systems is as valuable as the cash you put in your bank account.

If you need a forensic accountant to help your clients perform due diligence or recommend a computer forensics expert, call Sage Investigations, LLC at 512-791-5827 or email Edmond J. Martin, Chief Investigator, at edmartin@sageinvestigations.comClick to read about the Sage Team and their CVs.