Cybercrime fighters commence! It’s National Cyber Security Awareness Month. Every October, cyber security advocates join forces to raise awareness about the threat of cybercrime and reinforce ways to protect your sensitive information.
For business owners, cyber security is the best defense against a credit card data breach – which would have a devastating impact on your business and brand. Managed network security and PCI compliance should be a top priority for all business owners, large and small.
The PCI Security Standards Council said it best – “Following PCI security standards is just good business.” Most business owners should tackle the complex PCI compliance process by working with a Qualified Security Assessor (QSA) and an Approved Scanning Vendor (ASV) to assess their card data environment. In the meantime, there are still simple ways to secure your card-processing environment on a daily basis.
The PCI SSC has outlined the top five places cyber criminals steal credit card information from within your business. Here’s a list of those targeted areas and some tips on how to shield them from cybercrime:
1) Compromised card readers. Make sure every cashier is trained on how to identify ways thieves can compromise card readers, such as using skimmers. Keep an eye on your card readers to ensure they haven’t been tampered with.
2) Records stored in a filing cabinet. This one is simple. You shouldn’t store physical records containing credit card information unless you absolutely have to. If you do have to keep physical records, make sure they’re properly locked up and only authorized employees have access to the filing cabinet.
3) Payment system database. The same way you would secure physical records in your filing cabinet, make sure that any digital records stored within your payment system database can only be accessed by authorized personnel.
4) Hidden cameras. Pay attention to the ceiling, floor, walls, cabinets, shelves, etc. surrounding your card-processing environment. Have you ever seen a movie where the hidden camera is in the eye of the teddy bear? That actually happens in the world of cybercrime.
5) Network malware. The only way to protect your business against malware (malicious software cyber criminals use to compromise your network) is to implement managed security tools and processes. These include quarterly vulnerability scans, a stateful inspection firewall, Unified Threat Management (UTM) and 24/7 monitoring.
For more best practices in credit card data security, visit the PCI Security Standards Council website.