Understanding Your Risk - Use Strong Passwords and Change Default Ones

By Lynn Skurla Perkins | Sep 12, 2018 1:02:50 PM

Over the next several months, we will be sharing the PCI Council's advice on How to Protect Your Business With These Security Basics.

This month's topic:  Use Strong Passwords and Change Default Ones

According to  the Council's Guide - About 80% of breaches involved guessed or stolen passwords!

Here is what they recommend:

CHANGE YOUR PASSWORDS REGULARLY. Treat your passwords like a toothbrush. Don’t let anyone else use them and get new ones every three months.

SEEK HELP. Ask your vendors or service providers about default passwords and how to change them. Then do it!

For more information on managing passwords, click here.

MAKE THEM HARD TO GUESS. The most common passwords are “password” and “123456.” Hackers try easily-guessed passwords because they’re used by half of all people. A strong password has seven or more characters and a combination of upper and lower case letters, numbers, and symbols (like !@#$&*). A phrase can also be a strong password (and may be easier to remember), like “B1gMac&frieS.”

To see how fast it takes to crack a password, click here.

DON’T SHARE. Insist on each employee having their own login IDs and passwords – never share!

Read More >

Understanding Your Risk - Exploring the PCI Council's Small Merchant Guide

By Lynn Skurla Perkins | Aug 20, 2018 11:22:54 AM

“Small businesses are particularly at risk from the costs and opportunity loss associated with a data breach. Implementing the guidance published by the PCI SSC Small Merchant Taskforce will help a small business improve its data security practices and reduce the risk of data theft.“ - Michael Christodoulides, Barclaycard, PCI Small Merchant Taskforce Co-Chair

Security risks are everywhere these days - everyone up and down the chain is affected.  At Skurla's Point of Sale Solutions, we take security very seriously - and wanted to share some resources from the PCI Security Council.  

But first, here are some frightening data points shared by the PCI Security Council:   

  • 71% of hackers attack businesses with under 100 employees (Verizon 2012)
  • 60% of small businesses experienced a cyber breach (HM Government)
  • $20,752 is the average cost to small businesses due to hacking (NSBA)

If this scares you too, keep reading below to learn more about how to protect your business - 

Read More >

Why You Need A Password Manager

By Thomas Greenman | Jul 18, 2018 4:29:36 PM

If you are like most folks, you have a handful of passwords that you reuse for all your online accounts. You may change a number or two when it’s expired, for example: Password1 gets changed to Password2, and so on. It’s very likely that some family and friends know some of your passwords too, like your WIFI and Netflix password. In a world full of hackers and breaches, you really are making their job all too easy.

Read More >

Understanding the TLS Issue & Why Your Credit Cards May Stop Working!

By Lynn Skurla Perkins | May 4, 2018 7:20:06 AM

Yes, credit cards may stop working on your point of sale system this summer!  We are providing you with more information on this important issue - please take a moment to read.

First some definitions and background on this topic:

TLS: Transport Layer Security (TLS) is a cryptographic protocol used to establish a secure communications channel between two systems.

SSL: Secure Sockets Layer (SSL) is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browser remain private.

On Feb. 13, 2015, the PCI Security Standards Council announced that SSL, a protocol designed to ensure that data provided between a web server and a web browser, such as credit card information, remains secure - is no longer an acceptable way to provide strong cryptography, due to a number of known fundamental vulnerabilities. The deadline is June 30, 2018. 

Read More >

PCI Council Announces Changes to Qualified Integrators & Resellers Program

By Lynn Skurla Perkins | Mar 25, 2018 7:08:05 PM

In March, the PCI Security Standards Council (PCI SSC) announced new changes to the PCI Qualified Integrators and Resellers (QIR) Program in response to industry feedback and data breach report findings. The program changes are designed to increase the number of QIRs and equip them to help merchants reduce risk by mitigating the leading causes of payment data breaches. 

The PCI SSC QIR program offers specialized data security training and certification to individuals that install, configure and/or support payment systems. PCI SSC maintains a listing of PCI QIRs on its website for merchants to use in identifying and selecting trusted partners. Since the program was established in 2012, breach reports highlight that smaller merchants are increasingly under attack, and that the majority of merchant payment data breaches could be prevented by addressing three critical issues: insecure remote access, weak password practices and outdated and unpatched software.

Read More >

Take 5 Minutes to Read About PCI & Security - It Could Save Your Business

By Lynn Skurla Perkins | Mar 1, 2018 7:11:38 AM

Data Breaches, ID Theft, Credit Card Breaches - we hear this all the time in the news.  And this is the last thing you as an owner or manager want to experience for your business!

Please take time to read this!  It could save your business!

Read More >

Skurla's is QIR Certified

By Lynn Skurla Perkins | Apr 19, 2016 1:46:17 PM

Visa advised acquirers that as of January 2017, all new Level 4 merchants must use only Payment Card Industry (PCI)-certified QIR solutions providers for POS application and terminal installation and integration. 

Today we are happy to announce that we are a QIR Certified POS Provider.  A BIG shout out to Jesse Dison for the successful completion of the Qualified Integrators and Resellers course.

The Qualified Integrators & Resellers course provides an opportunity for eligible professionals of qualifying organizations to receive training and qualification on the secure installation of Payment Application Data Security Standard (PA-DSS)-validated payment applications into merchant environments in a manner that facilitates PCI Data Security Standard compliance.

To learn more about the Small Merchant Security Program Requirements download the security bulletin here.

 Download Bulletin

To learn more about how you can reduce your risk and PCI requirements, read the rest of the article here.

Read More >

A breach can cost you money and customers.

By Lynn Skurla Perkins | Jul 25, 2013 12:18:00 AM

The PCI Security Council has a website for small business owners - https://www.pcisecuritystandards.org/smb/

Read More >

How will credit card fraud affect your business?

By Lynn Skurla Perkins | Nov 4, 2011 3:12:35 AM

How will credit card fraud affect your business? Every small business owner should read this article! http://ow.ly/7jrzh

Read More >

Be PCI Wise

By Lynn Skurla Perkins | Mar 11, 2010 12:58:00 AM

Did you know: Malware is now the criminal’s tool of choice to hack your system and most malware is not picked up by Anti-Virus software – you must secure your network!

Read More >
COMMENTS
Download our free Purchasing Point of Sale Checklist!
Free Purchasing POS Checklist