Over the next several months, we will be sharing the PCI Council's advice on How to Protect Your Business With These Security Basics.
This month's topic: Use Strong Passwords and Change Default Ones
According to the Council's Guide - About 80% of breaches involved guessed or stolen passwords!
Here is what they recommend:
CHANGE YOUR PASSWORDS REGULARLY. Treat your passwords like a toothbrush. Don’t let anyone else use them and get new ones every three months.
SEEK HELP. Ask your vendors or service providers about default passwords and how to change them. Then do it!
For more information on managing passwords, click here.
MAKE THEM HARD TO GUESS. The most common passwords are “password” and “123456.” Hackers try easily-guessed passwords because they’re used by half of all people. A strong password has seven or more characters and a combination of upper and lower case letters, numbers, and symbols (like !@#$&*). A phrase can also be a strong password (and may be easier to remember), like “B1gMac&frieS.”
To see how fast it takes to crack a password, click here.
DON’T SHARE. Insist on each employee having their own login IDs and passwords – never share!Read More >
Once a year, we travel to the Lower 48 to a conference called RetailNOW. We meet with point of sale companies just like Skurla’s and with the nation's leading vendors. It’s an amazing event that helps us find out what the future holds for the hospitality/retail industries, but it also provides us with a wealth of information on how we can better serve you. This year’s event was in Nashville and for us Alaskan’s, 90+ degree days are way too hot. But the knowledge we bring back makes it all worth while.Read More >
“Small businesses are particularly at risk from the costs and opportunity loss associated with a data breach. Implementing the guidance published by the PCI SSC Small Merchant Taskforce will help a small business improve its data security practices and reduce the risk of data theft.“ - Michael Christodoulides, Barclaycard, PCI Small Merchant Taskforce Co-Chair
Security risks are everywhere these days - everyone up and down the chain is affected. At Skurla's Point of Sale Solutions, we take security very seriously - and wanted to share some resources from the PCI Security Council.
But first, here are some frightening data points shared by the PCI Security Council:
- 71% of hackers attack businesses with under 100 employees (Verizon 2012)
- 60% of small businesses experienced a cyber breach (HM Government)
- $20,752 is the average cost to small businesses due to hacking (NSBA)
If this scares you too, keep reading below to learn more about how to protect your business -Read More >
If you are like most folks, you have a handful of passwords that you reuse for all your online accounts. You may change a number or two when it’s expired, for example: Password1 gets changed to Password2, and so on. It’s very likely that some family and friends know some of your passwords too, like your WIFI and Netflix password. In a world full of hackers and breaches, you really are making their job all too easy.Read More >
Data Breaches, ID Theft, Credit Card Breaches - we hear this all the time in the news. And this is the last thing you as an owner or manager want to experience for your business!
Please take time to read this! It could save your business!Read More >
From Oracle Regarding Critical Patch Updates and Security Alert Notifications:
"Our customers should be encouraged to always keep their software current. To help facilitate this, customers can sign up to receive quarterly Critical Patch Updates and Security Alert notifications. The Critical Patch Update (CPU) is the primary mechanism for the release of all security bug fixes for all Oracle products. Critical Patch Updates are released quarterly on the Tuesday closest to the 17th of the month in January, April, July, and October. In addition, Oracle retains the ability to issue out of schedule patches or workaround instructions in case of particularly critical vulnerabilities and/or when active exploits are reported "in the wild." This program is known as the Security Alert program.