Article courtesy of SBAM Approved Partner Midwest Transaction Group/Veracity.
Question:
I have heard a lot in the news lately about data breaches at businesses just like mine. How can I help protect myself and my customers?
Answer: While most businesses go to great lengths to protect inventory, some are lax when it comes to securing credit card processing equipment. Security breaches are indeed becoming more and more common, with the trendy targets being small and mid-sized businesses. Verizon’s 2013 Data Breach Investigations Report analyzed 47,000 data security incidents over the course of one year. Many involved retail stores and restaurants. In more than 65 percent of these cases, the breach took months or years to be discovered.
It is vital merchants remain proactive when it comes to guarding customers’ data. Protecting point-of-sale (POS) equipment should be at the top of the list. Whether your terminal is traditional, virtual or through a gateway, it must be secure. Because these devices record each transaction, send transaction data to your payment processor for authorization and completion, and track customer preferences, they are extremely desirable and valuable sources of information for hackers.
In addition to basic features you look for when considering which system to use – versatility, reliability and scope –there are security measures you should take to ensure the safety of the data you are processing with it.
- When you purchase a POS system, set your own administrative passwords immediately and change them frequently, at least every 30 days.
- Be selective about who has access to passwords. Only allow access to employees who must have it.
- POS systems that browse the internet are more susceptible to breaches. Take extra precautions, making sure it is equipped with the latest encryption methodologies.
- Never use a device that is not Payment Card Industry Data Security Standard (PCI-DSS) compliant and be sure to stay compliant by renewing annually.
- If your business has multiple locations, ensure the passwords are different at each one. A single set of credentials would allow fraudsters easy access to all equipment, regardless of location.
Advancements in POS systems have made a big impact on businesses of all sizes. Some generate reports and analyze everything from itemized profitability to salesperson performance. POS can be a single device that scans cards, or it can include a number of integrated units — a card scanner, barcode scanner, and cash drawer, for instance. Internet-based systems can be viewed remotely through a secure portal, so they can be used by businesses with multiple locations. But in each instance, security is the common necessity. Be sure to make it a priority at your business.
Questions? Call our Lansing office at 888.599.2209.