Fiduciary is not a word you hear or read often as a small to medium business (SMB) owner.

Yet if you are the steward of any size business, fiduciary should be an active word in how you manage your business.

How does this relate to trust, security, and your business on the Internet? Let’s see.

In the recent past I’ve been involved in conversations with stewards of small businesses where the conversation went as follows.

Case 1:

Small business owner poses a problem in WordPress on their site in the LinkedIn WordPress Group.

One of the WordPress developers sends the small business owner a private message stating they would be happy to help fix the problem.

Small business owner sends over WordPress login credentials for his site; and shares on LinkedIn what’s going on.

I share with the owner they should change their WordPress login credentials once things are fixed.

Small business owner replies, “I trust ________; they’ve helped me in the past.”

What do you think is the Fiduciary responsibility of the owner?

Case 2:

Small business owner posts on Google+ concerning a tool that was shared with him by a “trusted” friend that checks if the LinkedIn password has been cracked.

I share the best practice is to avoid such tools altogether, to go directly to LinkedIn’s site and change the password directly with Linked In.

There are many reasons from the security of the site hosting the tool, who has access to the tool’s log files, the server’s log files, and what data the site is collecting from cookies and data entered.

The owner replied they trust the person who told them about the tool; and no one should ever question that person or the trust relationship.

What do you think is the Fiduciary responsibility of the owner?

I’ve worked for small to medium businesses over the past 30 some years.

I still remember working for my first medium business — American Equipment Leasing — when I was shocked to see the exit process of my manager (that was my first experience with best practice for when an employee is no longer an employee).

At the time I thought it was harsh that my boss was escorted to his desk, closely monitored while packing his personal belongings, escorted out, and in the mean time the information technology (IT) department given orders to make sure all access and clearance points were terminated.

I used to frown at the phrase, “it’s not personal, it’s business.” I would think to myself, it is personal? And in some cases, how personal can it get?

Yet, the bottom line is best practice doesn’t take into account feelings. Best practice takes into account doing what is right period.

It is not about trusting someone or not trusting someone. It is about taking 100% fiduciary responsibility for the task at hand.