We are big on PCI Compliance here at AVPS. And why wouldn’t we be? After all, those letters stand for Payment Card Industry compliance, and they detail ways that you — and we — can keep payments safe and secure.
CBS news recently ran an article on how, increasingly, it’s small or medium-sized businesses that are being targeted by hackers (remember that the recent Global Payments breach started with a smallish NY- based transit company). As the article notes that while the large-profile hacks make the news — Sony’s PlayStation breach, or the swiping of million of LinkedIn passwords — web surfers of malign intent “are also beginning to attack smaller enterprises, which typically have weaker tech defenses.”
By way of example, the article notes that “in May a mannequin company in Brooklyn, N.Y., lost $1.2 million in just a few hours. Verizon analyzed hundreds of data breaches in 2010 and found that 63 percent of them happened at companies that had 100 or fewer employees.”on breach, or the swiping of million of LinkedIn passwords — web surfers of malign intent “are also beginning to attack smaller enterprises, which typically have weaker tech defenses.”
We’re guessing that that description most likely describes your company. In fact, the problem is so bad, that there can be losses even greater than the fraud itself. As a member of AVPS’ own Risk Department notes, “the Federal Trade Commission sued Wyndham Worldwide hotels last month after lax security allegedly allowed $10.6 million in phony credit card charges.”
The article also references a Computer World article on hackers “using fraud automation to increase the power and speed of their attacks. Tools also abound on hacker sites to help people illegally tap into company information networks.”
The CBS piece is not necessarily comforting conclusion is that “ computer security is expensive. To many executives, it’s a black hole for spending. Even big companies with significant IT staffs have difficulty keeping up with all the changes, updates, modifications, and upgrades necessary to keep up with the world of criminal hacking.”
Smaller companies, it suggests, should do their best to bolster their defenses so that they present more difficult targets than the next company in line — a kind of corporate Darwinism, if you wil, recognizing that hacking will always be with us, but some other entity represents a weaker member of the herd, and they’ll be left as the targets for fraudsters and FTC lawsuits.
As for protecting yourself, our same Risk Department expert reminds you to doublecheck your own PCI compliance. After all, you want to be one of the healthy members of the herd, yes?
As the PCI Security Standards Council notes, compliance for small merchants includes, among other things, protection for card readers, point of sale systems, and proper storage of network equipment, routers, and paper-based records, among many other steps.
Precisely the things AVPS can help you with! Call us today to help shore up your own defenses. Consider it part of the natural evolution of your business!