A study titled, “The Checkout,” sponsored by The Integer Group and M/A/R/C in 2009 revealed that retail customers’ top criteria for selecting a store was, “accepts my credit or bank cards.” Only a few years later, and little has changed. Retailers may be plagued by swipe fees and a never-ending battle with the bank, but business and the overall bottom line depend on sales, and sales depend on meeting consumers’ expectations. In today’s world, the customer is expecting to shop and checkout at a pace that is fitting to their busy schedule. As a result, most retailers have invested in electronic purchasing options, such as point of sale (POS) systems with credit card transaction capabilities. With these capabilities, however, come responsibilities. Retailers should be prepared to handle the preferred method of payment, taking credit cards in a secure and efficient manner.
Retailers Make Sense of Security, PCI Compliance and Invest in POS System Management
However, smaller businesses such as independent retailers are more vulnerable when they open up their POS system to electronic purchasing options. They are constantly under siege from malware, hackers and credit card fraud. Verizon Inc. reported recently that over 60 percent of the security breaches that occurred in 2010 were within companies of 100 or fewer employees. Moreover, about 95 percent of the credit card fraud instances it deals with comes from its smallest customers. Visa, with the help of its Security Sense program, offers ideas specifically for retailers looking defend themselves from security breaches:
1)Keep track of exactly what sensitive data you collect and store, such as names, addresses, identification information, payment card numbers, bank account details and Social Security numbers. Think carefully about what data you actually need, and do not store sensitive data you can do without. For example, don’t use credit card numbers as ID numbers, in a customer loyalty program. Retailers should never store the “full track” of magnetic swipe data, the card validation value, or user PINs.
2)Make sure you are using secure services and tools that have been validated as adhering to industry standards. Use verification services that make sure the purchaser has the correct billing address and is physically holding the card.
3)Keep your payment system and data isolated so that only those employees who need access can get access. Eliminate remote access if you can, and make it secure otherwise.
These are important tips and steps to take when protecting customer data, but as a small business owner you have enough to worry about, including PCI compliance. Payment Card Industry (PCI) compliance is a complex and ever evolving subject affecting millions of businesses, including acquiring banks, Independent Sales Organizations (ISOs), e-commerce and retail merchants. You may think a simple security checklist will keep you and your customers protected, but as PCI Compliance Guide columnist, Joan Herbig, writes, “hackers are experienced professionals, who have learned successful methods of breaking into your company, stealing your cardholder data, covering their tracks, selling the data in an online marketplace, and subsequently ruining your customer relationships, reputation, and brand name recognition. Everything your company spent so much time, energy, and money building can be gone between the time you went to bed and wake up in the morning.” The 2011 Data Breach Investigations Report states that 86 percent of breaches were discovered by a third party, so chances are you won’t know about it until months later when a customer reports the theft of their credit card or identity.
That is why system management appliances, such as Dell KACE, equipped to accelerate PCI standards and increase security within a POS system are becoming increasingly popular. Systems management support is a critical piece to the security puzzle, and Dell KACE’s affordable systems management appliances help companies tackle compliance issues by providing critical tools and capabilities, such as automated patching, local and remote software distribution, and state-of-the-art reporting. Retailers such as Redner’s Market, an employee-owned company that operates 39 Warehouse Markets and 13 Quick Shoppes throughout Eastern Pennsylvania, Maryland and Delaware, are already enjoying the benefits of a Dell KACE’s robust systems management solution. Nick Hidalgo, director of IT for Redner’s Market, notes in a recent press release, “We use the Dell KACE K 1000 appliance to efficiently manage about 500 POS systems, including our registers and back office systems, to perform automated security updates, monitor systems for our compliance policies and test and remediate vulnerabilities. As a result, we’ve cut down our management time from approximately two hours to five minutes. Our compliance-qualitified security assessors are thrilled with the results.”
For more information:
Dell KACE Headquarters
2001 Landings Dr.
Mountain View, CA 94043
Tel. 877-646-8366
Website: www.kace.com