Fighting Payment Card Data Theft
Payment card fraud and data theft costs businesses millions of dollars every year.
And while larger companies may be higher profile targets, at least they have the resources to deal with a breach, as well as the resilience to recover from a financial crisis precipitated by data theft.
You would think that smaller businesses would go unnoticed, but fact is, small businesses are more vulnerable to attack because usually they lack the personnel and resources to adequately protect themselves.
To make matters worse, if a small business ends up getting attacked, the consequences may be severe enough that they even lack the resources to fully bounce back. So rather than focusing on how to recover from an incidence of card data fraud, let’s instead highlight some preventative measures designed to stop such a disaster from happening in the first place. After all, running a profitable small business is hard enough work as it is, without having to worry about to deal with setbacks dealt out by hackers and online criminals.
The Physical Aspects
Let’s start with a few common sense simple tactics, then work our way up to the more tech-related measures. Conduct reliable background checks on prospective employees. It doesn’t help to have all of the most up to date security measures in place, only to have unreliable, unscrupulous people working for you. And yes, if an applicant has a criminal record that features things like hacking or fraud (as opposed to some misdemeanor involving alcohol or unruly behavior), then you should run, not walk, away from them!
Furthermore, make sure that your business’ physical equipment is located in a place where it can’t be tampered with by outsiders. You’d be surprised at how often things like business laptops, credit card readers, or phone lines are left unattended and at the mercy of a would-be crook. And a professional hacker doesn’t need much time to commit a crime.
Also, make sure that your employees always check credit card signatures. Sure, some customers get annoyed and impatient, but the vast majority appreciates it and sees it for what it is: an entrepreneur looking after their best interests.
Finally, if you have video cameras on your premises, make sure that they cover the areas where your computer equipment rests. Having another set of (electronic) eyes never hurts for security purposes.
How are your firewalls, anti-virus software, and spyware/malware detection programs doing? Are they all current? After all, malware detectors can’t spot the latest viruses if their identities haven’t been updated into your software! And do you have encryption software that actually protects your keystrokes? Are you aware that even if you have the best firewalls and anti-virus in place, your business can still be vulnerable to keylogger programs, which basically record all of your keystrokes and send them off to hackers? Imagine every keystroke you make at your business, in the hands of hackers. Chilling, no?
This also means keeping your POS (Point of Sale) software up to date. Updates and patches are released by the parent company as new threats surface and solutions are devised to deal with them.
Isolate And Dedicate Your Network
If possible, don’t use the same network for card transactions that you use to access the Internet for general web-surfing and email. You don’t want the same Wi-Fi or LAN used to handle your transactions that you have open to customers and employees for general web use. For example, if you employ cloud file storage, it becomes even more important to make sure that as few people as possible can access those files at your end.
Instead, consider utilizing a cellular network to handle your payment card transactions. The more dedicated and exclusive the connection, the more control you have over it, and the less likelihood of an unauthorized user intruding on it and raising havoc.
If you are using a POS system, consider attaching it to a traditional old-fashioned telephone land line. That way, the Internet isn’t even part of the equation. Of course, if the old phone systems keep getting replaced by things like VoIP networks, this solution will be a temporary one at best.
All in all, we know that no sooner are new measures developed to improve data security, that hackers and criminals come up new ways to try and defeat them. Keeping your data safe is an ongoing process, but considering the possible damage to your finances and reputation, it’s a price worth paying.