A data breach occurs when an outsider obtains customer information, putting customers at risk for fraudulent charges and identity theft. It can also threaten the reputation of businesses.
There are useful practices and various steps a business can take to prevent such breaches.
1. Sticking with old, familiar technology
It is important for businesses to keep up with technology. They must upgrade security in addition to the ways they process payments. While it can be more costly to move to the newest methods, it makes customer information much more secure. After all, those who would illegally gain access to customer information will be using new technology—so why shouldn’t your business stay one step ahead?
Target is an example of a major company that had a data breach due to outdated technology. To prevent this issue in the future, they’ve begun to implement the technology to be able to process mobile payments.
2. Using the same POS system across all stores
Business owners can be tempted to go with what they know, especially if they’re a chain. They become familiar with certain technology, and so they tend to use it in across all stores. However, this habit should be changed. Businesses need to have different computer systems for franchise stores, especially with regard to POS systems.
Jimmy John’s stores were the victims of a major data breach because many of their POS systems were the same. The perpetrators of the data breach were able to clone payments once they figured out how the POS systems worked. If the chain had different POS systems, the data breach may not have occurred.
3. Not updating encryption
Encryption of information is the most important way to protect your customers. Encryption scrambles customer data, such as credit card numbers, and makes it unreadable. That way, in the event of a data breach, the information obtained is useless.
Home Depot was hit with a data breach that originated from malware. Home Depot’s security system could not protect against the malware due to how new it was. But, updated encryption software would have made the data unusable to those who created the malware.
4. Insecure employee login information
Employers must give employees access to computer systems and data in order to do their jobs. However, it is easy to become complacent with employee login information. Employee passwords may be easy to guess. Employee credentials may not be deactivated when an employee leaves. Business owners must cease those bad practices. Employee passwords should be complex and changed every few months. Credentials must be deactivated when an employee leaves.
eBay’s data breach occurred because the thieves used employee login information. It is not clear how the hackers had access to employee credentials, but if eBay had made employee credentials more secure, the data breach may have been prevented.
5. Failure to watch computer systems
Businesses must regularly watch computer systems, especially POS systems, for signs of a potential security issue. They should look for any irregular transactions or payments. They should check the system for malware and viruses. It is easy to trust security, but vigilance will prevent a data breach from going unnoticed.
In the case of the Neiman Marcus data breach, they failed to check their systems. Not only did the data breach occur, but it went unnoticed for months, despite malware being on their POS systems. It is vital that businesses scan for malware and harmful programs on a regular basis.
Stay updated on payment processing trends by following Abtek on Twitter and Facebook. Sign up to receive our newsletter, too.