In the past couple of years, thousands of businesses have experienced security breaches, putting customer data and business information at risk. If you are a frequent reader of the Direct Capital blog, you know that we talk a lot about how important it is that your customers trust you. Data breaches and lost information is not a great place to start building that trust. But, if your business knows the steps to keep your customers safe, there will be no reason to worry about breaches.
- Is Card Data Being Stored?
Card information that belongs to your customers might be stored in your POS, leaving the data unprotected and up for grabs for people with malicious intent. It is against PCI DSS (Payment Card Industry Data Security Standard) to store data in an unecrypted state. There’s nothing wrong with double-checking to be certain you aren’t storing important information in your systems.
- Stay up-to-date with Security Patches.
Java and Adobe Flash are just a couple of applications that you need to keep updated. Viruses will attack applications like Java and Adobe, among other operating systems and you don’t want to be caught off guard. Keep all your systems current with security patches so your data isn’t left extremely vulnerable.
- Implement Data Security Policies.
Training and education is a huge part of keeping your customer and employee data safe. If your employees don’t know what they can and can’t do when it comes to sensitive information, they cannot be held accountable when things go wrong. Make sure they understand the policies. And make it mandatory for your employees to pass an annual (or even quarterly) exam to keep your policies consistent.
- Have a Battle-sheet.
What would happen if you are breached? What will you do to take care of an attack if one happens? Create a list of things that need to be done just in case. This includes assessing the infrastructure to your database, the users, and your browser. You need to figure out where your weaknesses lie. Afterwards, analyze the security of your partners, suppliers, and vendors. It’s a lot of work upfront, but it will be worth it in the end… we promise!
- Stop Sending Un-Encrypted Data.
Mandate that all data is encrypted, including data in motion and at rest. If personal information is being transmitted, think about encrypting the email within your company. Don’t use free Wi-Fi networks either because data can also be intercepted.
When you’re a business and your customers’ information is in your hands, you need to be certain that you have all the equipment needed to keep it secure. Think about what you need to keep your customers’ data safe, and when you do, we can provide payments options for that updated equipment. Click the banner below to learn more!