MasterCard Tips, the Final Chapter (Pt. III)
A Relentless Stream of Security Concerns
First, Heartbleed emerged, then Shellshock, and now Poodle, marking yet another significant security vulnerability in widely used software that went unnoticed for years.
“Sears quietly announced via a filing with the Securities and Exchange Commission that one of their brands, Kmart, had suffered a data breach. It appears based on the information that they’ve shared that Kmart’s point of sale systems were compromised by malicious software. Kmart has discovered themselves in the unenviable position of being shoulder to shoulder with companies such as Home Depot, Target, Dairy Queen, Neiman Marcus and other firms who have also suffered this fate.”
Two different excerpts, from two different articles, on two more breaches — newly discovered since we posted here, a mere week ago.
The impact of this constant flow of news on the electronic payment landscape is still uncertain. However, there is a silver lining as newer security measures are being expedited. A recent article in Wired suggests that the era of credit card fraud is nearing its end.
They affirm that the United States is ready to adopt the secure EMV chip-based authentication system, a standard pioneered by Europay, MasterCard, and Visa, which has already gained global acceptance. Pushed by mounting fraud costs, credit card companies have crafted incentives for merchants to switch to the sophisticated readers needed to accept the cards.”
MasterCard’s Tips for Network Security
Meanwhile, coming incentives and new technologies aside, we wrap up our mini-series on MasterCard’s Tips on what you can do to protect yourself, and your business, right now, to substantially decrease the risks of fraud, or “hackery.”
This week, we conclude with basic tips on one of the most basic aspects of all: Network security.
Make Sure All Systems Are PCI DSS Compliant
Lack of “updating” is one of the simplest steps hackers take advantage of. Make sure your business is compliant with the latest from the Payment Card Industry Data Security Standards.
Update All Your Anti-Virus Software
Many people often overlook this simple step, and it might surprise you, or maybe not, given the news.
Perform a Password Review
Look over your systems to see if any passwords are too short, too weak, or still using the “defaults” from the manufacturer.
Consider Two-Factor Authentication
Look at what sign-ins can be made more secure with two-step sign-in. Especially remote applications.
Review web-facing Applications for Vulnerabilities
That’s where we came in this week, with the news about the “Poodle” bug, now joining Shellshock and Heartbleed as examples of weaknesses in the network itself. Patches exist in the wake of these discoveries. Make sure your business is up on them.
Implement an Intrusion Detection System
They exist. And they can help.
And we hope this series of “safety tips” has helped, as well. Print ‘em out and put ‘em on the lunch room fridge! Or better yet, pass them along to everyone else in the office, even your beleaguered IT folks!
And of course, your AVPS rep is also here to help — with information on equipment upgrades, additional on and offline secure payment methods to offer your customers, and more.
Contact us. We’ll see you safely down the road, in a week.