This Is the Season to Be Extra Vigilant About Your Business’s Payment Security
The PCI Security Standards Council recently published a piece on its website that deals specifically with the enhanced risks faced by restauranteurs in particular and small businesses in general during the holiday season. Given that there is generally already an increased prevalence of cyber threats on businesses of all sizes and industries, the issues discussed in the article would be relevant just about any time of year but there are a number of circumstances particular to the holidays that do increase the vulnerability of different types of businesses.
According to Laura Chadwick – Program Director, Technology and Innovation for the National Restaurant Association – The holiday season is the busiest time of the year and can be overwhelming. It is the time of year where a restaurant can get so busy that they let their guard down when it comes to payment security practices.
Because of its hectic nature This is the time of year when some businesses put off patching, fail to monitor remote access security protocols, and delay payment security issues until next year.
Ms. Chadwick’s comments can be applicable to a variety of businesses in the waning days of the year. Think of both retail and e-commerce merchants for example. Like restaurants they are typically busier this time of year than any other and often hire extra staff to cope with the holiday rush. This pertains to both the brick and mortar store(s), as well as a company website (if applicable) and etailers. Websites selling merchandise will often provide the option of ordering and paying 100% online or calling a 1-800# and ordering a product or products over the phone. In the crunch of making preparations for all this, it can be easy to overlook or put off dealing with potentially serious payment security concerns. For example, you may need to hire temporary seasonal staff to handle the overflow business, but you want to be sure that they receive thorough training regarding safe payment processing practices and that they are carefully vetted beforehand. And if you are outsourcing to a third party provider (such as a call center for example) that you are carefully examining their payment security practices and ensuring that they are in compliance with PCI Security Standards.
The holidays are a favorite time for fraudsters to operate because often they can safely deduce that businesses are more likely to be strapped for time and resources, and do not examine transactions as closely as they typically might and- as stated previously - may also have inexperienced temporary workers on staff. They also know that you probably can’t take down your entire system without adversely affecting the rest of your business. As a result, clever and experienced hackers can stealthily do their damage before the affected business is even aware anything untoward is happening.
The flip side of this issue is those types of businesses that are more apt to experience a slow down this time of year. They may either close for an extended period or have reduced staff on hand to deal with any problems that could potentially arise. Coming back to the office after what you thought would be a refreshing break only to find that someone has hacked into your system is not the way any of us would prefer to ring in the new year.
All that having been said, making sure payment security is not compromised during the holiday rush is really no different from any other time of year, except that – depending on the type of business you operate- one is perhaps more likely to be either strapped for time OR planning to take extended time off – both can make you more vulnerable than usual to cyberattacks. Always make sure that you are following best practices when it comes to security – including having strong passwords, doing regular system reviews and data breach simulations, stay up to date with security patches, and be extra-careful about 3rd party and remote access and who has it. You can always consult a security expert and conduct a Security Gap Assessment to identify any areas of risk and how to patch them in time for the holidays. This will help you with your peace of mind not only during the hectic holiday period but throughout the year.
About Datatel and Secured Net Solutions
Organizations are in a continuous struggle to ensure that all necessary safeguards are in place to protect their valuable information from external and internal security threats alike. At Datatel, it is our goal to ensure that our clients are prepared to successfully navigate the ever-changing Cybersecurity and payment security landscape. In partnership with Secured Net Solutions we provide our customers with tailor made services and solutions that ensure that they will always be prepared for and able to respond to information security threats.
Our team’s depth of expertise and breadth of capability in advanced technology is founded upon real-world experience, combined with solid technical training and continuous skill development. Our philosophy and core business align directly with the critical components required to assist our clients in establishing a more secure infrastructure and overall security posture.
For information on how we can help you addressing your Cybersecurity and Payment Security needs contact us at: 800-831-6660 x 257 or Click Here