Beginning in 2017, all new Level 4 merchants were required to use only Payment Card Industry (PCI)-certified QIR solutions providers for POS application and terminal installation and integration.
I am sure you have heard it from many sources at this point, but we just wanted to remind you and share information about what this means for your Windows 7 computers:
"While you could continue to use your PC running Windows 7, without continued software and security updates, it will be at greater risk for viruses and malware." - Microsoft Support
Over the next several months, we will be sharing the PCI Council's advice on How to Protect Your Business With These Security Basics.
This month's topic: Use Strong Passwords and Change Default Ones
According to the Council's Guide - About 80% of breaches involved guessed or stolen passwords!
Here is what they recommend:
CHANGE YOUR PASSWORDS REGULARLY. Treat your passwords like a toothbrush. Don’t let anyone else use them and get new ones every three months.
SEEK HELP. Ask your vendors or service providers about default passwords and how to change them. Then do it!
For more information on managing passwords, click here.
MAKE THEM HARD TO GUESS. The most common passwords are “password” and “123456.” Hackers try easily-guessed passwords because they’re used by half of all people. A strong password has seven or more characters and a combination of upper and lower case letters, numbers, and symbols (like !@#$&*). A phrase can also be a strong password (and may be easier to remember), like “B1gMac&frieS.”
To see how fast it takes to crack a password, click here.
DON’T SHARE. Insist on each employee having their own login IDs and passwords – never share!
“Small businesses are particularly at risk from the costs and opportunity loss associated with a data breach. Implementing the guidance published by the PCI SSC Small Merchant Taskforce will help a small business improve its data security practices and reduce the risk of data theft.“ - Michael Christodoulides, Barclaycard, PCI Small Merchant Taskforce Co-Chair
Security risks are everywhere these days - everyone up and down the chain is affected. At Skurla's Point of Sale Solutions, we take security very seriously - and wanted to share some resources from the PCI Security Council.
But first, here are some frightening data points shared by the PCI Security Council:
- 71% of hackers attack businesses with under 100 employees (Verizon 2012)
- 60% of small businesses experienced a cyber breach (HM Government)
- $20,752 is the average cost to small businesses due to hacking (NSBA)
If this scares you too, keep reading below to learn more about how to protect your business -
Data breach - those two words can (and should) scare the heck out of business owners. It is everywhere in the news. I think on some level, people are just throwing their hands up in the air at this point. However, we don't want our customers to go through this experience - no one wants the CIA showing up at their back door or having their funds frozen because of a suspected breach.
To help you understand the impacts, we wanted to share this article by Justin Zeigler, the director of product development and marketing at Datacap Systems. (Datacap Systems develops integrated payment interfaces for any type Point of Sale Application - so they are very in tune with security for point of sale systems.) In this article, he discusses:
- What Is a Data Breach and How Do They Most Commonly Occur?
- What Can You Expect When a Breach Occurs? What Are the Steps?
- Who Is Liable?
- Best Practices to Prevent Breaches and Mitigate Liability
- Using a QIR (Qualified Integrators and Resellers) Certified Reseller
As a business owner, it is vital to understand the effects of a breach on your business, your customers and your employees.
Read this eye opening article below:
Visa advised acquirers that as of January 2017, all new Level 4 merchants must use only Payment Card Industry (PCI)-certified QIR solutions providers for POS application and terminal installation and integration.
Today we are happy to announce that we are a QIR Certified POS Provider. A BIG shout out to Jesse Dison for the successful completion of the Qualified Integrators and Resellers course.
The Qualified Integrators & Resellers course provides an opportunity for eligible professionals of qualifying organizations to receive training and qualification on the secure installation of Payment Application Data Security Standard (PA-DSS)-validated payment applications into merchant environments in a manner that facilitates PCI Data Security Standard compliance.
To learn more about the Small Merchant Security Program Requirements download the security bulletin here.
To learn more about how you can reduce your risk and PCI requirements, read the rest of the article here.