Anyone that does not regularly download free software updates unnecessarily exposes their equipment to cybercrime, viruses, trojans, and other malware, and misses out on bug fixes. Regardless of device or platform, the protection of a powerful security suite is essential.
Results of a survey commissioned by Microsoft’s Skype™ reveals that when prompted to update their software, 40% of adults don’t always do it — and 25% don’t do it at all because they don’t think it offers any real benefit. Ironically, the survey respondents’ top reasons for not downloading software updates included worry about computer security—when those who don’t regularly update their software unnecessarily expose their equipment to cybercrime, viruses, trojans, and other malware.
Merchants who accept credit cards have even more reasons to be hyper vigilant. Merchant Express® reminds our clients that vulnerable credit card data must be protected. Regular software updates are just one factor needed to remain Payment Card Industry (PCI) compliant. Practice PCI compliance to decrease the risk of security breach and data theft that can have devastating consequences for your business and its customers.
Compliance simply means that all of your credit card processing equipment (hardware and software) meets the requirements set forth by the Payment Card Industry (PCI) Security Standards Council. The council was founded by the five major credit card companies — Visa, MasterCard, Discover, American Express and JCB International — to enforce the PCI Data Security Standards (PCI DSS). To be in compliance, hardware and software must meet the 12 requirements outlined in the PCI DSS, as well as Payment Application Best Practices (PABP).
Once you get compliant you need to stay compliant. That means making sure that your business is virtually and physically secure with network, terminal and software compliance. You must protect your network (the operating system you use for credit card processing), yourterminal (the device you use to take credit card payments) and your software (the credit card processing program with which you accept payment).
Make it a top priority to ensure that your network is configured for maximum security and compliance. If your system isn’t properly configured (including using complex encryption algorithms), all the data within your network is at risk.
Nearly half of the data breaches that occur are through point of sale (POS) terminals that are out of compliance. This has become such a concern that MasterCard has instituted a POS Terminal Security program requiring regular equipment evaluations.
If your software is not secure, neither is any of the information you’re using to process payments, including credit card numbers, expiration dates and customers’ personal information. Noncompliant software is a data breach in the making.
Merchant Express offers a PCI Compliance Program which includes an online Self-Assessment Questionnaire (SAQ) for merchants to easily determine their Validation Type. The first step to finding out if your equipment is in compliance is to complete a SAQ. By following this process, you will determine whether your equipment is compliant. If not, there are established steps you can take to achieve regulatory compliance.
