Wednesday, January 30, 2008

Is Your Credit Card Information at Risk With Small Business and Retailers

Is your credit card information at risk when you visit your local retailer? We all would like to believe that our local retailer or favorite restaurant is keeping your personal and credit/debit card information secure and out of the hands of those who want to commit fraud against many honest people doing business today. This is what I thought once I received my Visa bill one month to see $1,500.00 of liquor purchases and pizzas on my monthly statement. I was a victim of Credit Card fraud.

According to a number of industry experts, smaller business and retailers are not taking the required steps to ensure that the credit and debit card purchases made by their patrons are secure. Even today, credit card information is still being stored on local computer systems that are not protected or up to date. Many small businesses are failing to protect their networks with firewall solutions that can protect retailers from trojans and other malicious code from being installed on systems because of inappropriate web surfing being allowed in smaller retailers or attempts at stealing information via wireless connections or over the Internet.

Until recently, the payment card industry’s training was not up to par to educate small business merchants in what it took to ensure their transaction information was occurring in a secure manner. As of the end of July 2007, Visa USA has started to require that some 250 or so credit card processors begin to share their plans to ensure that all credit card transactions happen in a secure manner.

In May of this year, the State of Minnesota passed the Plastic Card Security Act. The act clearly states that any business that wishes to do business in Minnesota must comply with the regulations around storing credit card information. The law took effect in August and holds the business owner and business liable for the costs associated with breaches or fraudulent transactions.

Why does credit card still occur in today’s world?

•Lack of knowledge – Many small business owners, retailers and restaurant owners are busy in their day to day businesses (working in their business and not on their business) and not up to speed with the current regulations to secure their patrons information from unauthorized use.

•Out of date systems – Many smaller based businesses do not have the resources to keep their computer systems up to date to ensure that credit card numbers are not stored on systems or they run older versions of software that does not offer the encryption needed when processing credit or debit transactions.

•Lack of perimeter security – I have seen this many times in small business, they fail to secure their systems with a robust and scalable firewall solution. They usually plug their Internet connection right into the back of their computer and do not employ a proper firewall solution or they purchase a router from their local office supply store that has no unified threat management security built into these devices. Firewalls such as the SonicWALL TZ180 will ensure that restaurants, retailers and small business are secure from threats on the Internet today, protect from network intrusions, spyware and virus attacks and inappropriate Internet use.

•Open wireless – Hackers can easily get into your system through an open wireless connection in a matter of seconds, they can connect, get the information they need and disconnect before you even realize that something has happened. This information is then openly sold on the Internet. Is your Wireless network secured with the best security encryption and mechanisms to ensure your customers’ information is secure?

What can your business do?

•Invest in a technology audit – An evaluation of your computer network by a certified professional will easily show you areas of vulnerabilities within your computer network and Internet/Wireless security. An audit when completed successfully will list all areas that require attention with recommendations to get you on the road towards compliance.

•Hire the best IT support – Once your evaluation is completed, having a trusted IT partner and advisor will ensure that your business systems stay up to date. This will ensure that you are protected from newly identified security threats that exist on the Internet and how these issues may affect your business systems. Hiring a Microsoft Small Business Specialist and SonicWALL Gold Partner will ensure that your network is properly cared for.

•Upgrade systems and software – It may become necessary to update your computer systems and your software to the versions that address the requirements laid out by the credit card and financial institutions. The latest versions of Windows and Microsoft Office are available and offer update security systems to protect your business.

•Learn more about PCI DSS – What is PCI DSS? PCI Data Security Standards ensure that your customer’s information is stored securely and that transactions occur in a secured manner. It is critically important that you invest the time to learn how the rules and requirements detailed in Payment Card Infrastructure compliance. Ignorance of the upcoming and current changes may just be the beginning of your challenges. On top of the investments needed once a breach has occurred many businesses may also have fines related to due diligence not being done in your business.

Many small business, restaurants and retail owners are not computer people, running out to the local computer or office supply store and investing in a low cost router is not enough to secure your business. It is a must to have a small business specialist and security professional that can recommend the right solution for you. Unified Threat Management firewalls can protect your business in the manner that will ensure your customer’s payment card information is secured the threats on the Internet, secured from hacking attempts and other business threats that are introduced when an employee uses the Internet or your systems for inappropriate use.

Also a computer support company that can take the hassle of technology off your plate with a structured maintenance plan that consists of monitoring your network, managing your systems and proactive support may just save your business from the loss of creditability associated with a breach or the hefty fines that may occur when a breach occurs on your network.





<< Home

This page is powered by Blogger. Isn't yours?

Subscribe to Posts [Atom]