
So You Want To Achieve PCI Compliance? Shields Up!
If your company accepts credit card payments, you know about PCI Compliance. Your network and system shields need to be up and secure when you handle your clients’ credit card information. Cybercriminals are always looking for ways to get past your shields.
The COVID-19 pandemic has pushed many businesses into increasing online and over-the-phone payment systems. While the virus is infiltrating our physical shields, criminals are seeking to infiltrate our digital shields. The pandemic has triggered the largest cybersecurity threat that we have ever experienced.*
When Shields Are Compromised
475%: Increase in malicious reports of cyberattacks related to the virus at the onset of the pandemic.*
41%: Of small businesses that have been breached paid more than $50,000 for resolution.*
60%: Of SMBs that suffer a data breach go out of business within six months.*
Just like we’re all putting our shields up by wearing masks and trying to social distance, we need to make sure we are shielding our systems and valuable data from the 4.57 billion people on the Internet (statista.com). (Can you see how this makes doing business with each other so difficult?)
These stats show why it is important to make sure your business is cyber-safe. Here are a few PCI DSS (Payment Card Industry Data Security Standard) tips to strengthen your shields and business continuity.
Achieve PCI Compliance by using strong passwords
Just like we have locks and keys to our homes, we need to have locks and keys on our network and systems. Create longer passwords with a mix of letters, numbers, and other characters, such as %, $, *, &, !, @ and (. And change them often.
Patch your software
Make sure your IT service company keeps your software patched and up to date. Patching is fixing, improving, or updating a program with bugs or other security issues. Just like we strengthen our bodies with eating and exercise to prevent disease, your IT company strengthens your software applications with patches to prevent data breaches.
Encrypt all payment card data
Encryption creates another type of shield between the billions of people on the Internet and our data. Digitally scrambling data creates barriers that cannot be penetrated unless a user has the key. Selective shields, boundaries, locked doors, barriers, and walls are good. Sometimes they are a pain, but they are needed to sustain our physical and digital lives. And they are needed for PCI Compliance.
Remote access to your systems should be secure
Shields up! Our bodies stay healthy by having selective boundaries that keep some things out but allow other things in. Similarly, your business needs boundaries around your network. You want your vendors, employees, and customers to access your system from their businesses, homes, and mobile devices. Viruses and cybercriminals target these access points. Your IT service company should make sure your associates are using strong passwords and multi-factor authentication before your system lets them in.
Firewalls Are A Big Part of PCI Compliance
Shields up! Make sure your IT company has a firewall shielding your network from the Internet. This is like a cell wall that monitors all incoming and outgoing substances. Many of these substances have to have special keys to get in. A competent IT company will configure a strong firewall for your business among multiple other layers of shields.
Beware of phishing email
True to viruses in nature, hackers are evolving. Their attacks are more deceptive. They send emails that appear completely legit. If you weren’t expecting a request for confidential data or information, don’t hand it over until you call and verify first. Your ability to differentiate is another layer of security.
For Compliance, Your Partners Should Also Be Secure
We all know how easily the COVID-19 virus has spread. The same thing is true of digital viruses. If your partners are hacked, you could be too. The hackers can get into your system via the same portal your partners use to enter it.
Cybercriminals are always looking for ways to get past your shields. If you work with e-commerce, your shields need to be strong and secure to achieve PCI Compliance. But whatever your business, let’s work together to keep our clients, partners, and businesses safe.
Schedule a free security risk assessment with either Joe Nice in Utah or Fred Bauerfeld in Idaho
*Stats from: PCI Security Standards Council, U.S. Securities and Exchange Commission, and Panda Security