Defining, documenting and publishing clear guidelines on how data is managed is one of the most important steps in addressing risk of any business. Though the Payment Card Industry Data Security Standard (PCI DSS) can seem confusing, one of the main benefits is that it will protect payment card data, which is not only essential […]
Businesses that accept payment cards for goods or services are often targeted by criminals who will attempt to tamper or substitute their card reading device. Regular inspection of payment card terminals and PIN entry devices is one of the most effective ways that businesses can ensure that their devices are secure from tampering and substitution. […]
As our lives and businesses become more digitised and reliant on computers of various shapes and sizes, from smartphones, to laptops and tablets it’s become essential to protect these devices. Here are five tips to ensure that your computer, whatever it may be is secure and safe. 1. Update If your operating system or […]
Some businesses will spend large amounts of time as well as money on encryption software and firewalls but then neglect the physical security of their business. Physical security is often overlooked and the impact of a physical breach can be the same as a computer breach. One of the most common occurrences during a […]
When a data breach is reported in the media, more often than not it’s the well-known large companies that make the headlines. In reality cybercriminals are more successful in attacking smaller businesses. The reason for this is that smaller businesses often have fewer resources and as a result are less likely to have the latest […]
Information security, otherwise known as infosec, is a series of strategies to manage and prevent the unauthorised access as well as the use, of physical and digital information. This also includes any modification, destruction or disruption to information. Common threats to information security are identity theft, theft of intellectual property, theft or sabotage of […]
Sensitive information is data that is required to be protected from being accessed by unauthorised parties. This is done as to safeguard the security and the privacy of an individual or organisation. The three main types of sensitive information that exist are: personal information, business information and classified information. Personal Information Personal information is […]
With regular reports of cybercriminals stealing credit card data and other sensitive information it’s essential to protect your ecommerce website. A breach will not only cost a business in major fines but it will also affect customer trust. Therefore it’s imperative to know how to protect your ebusiness and your customer data. The following are a few […]
An account data compromise is when cardholder information has been obtained by an unauthorised person who intends to commit fraud. The opportunity can occur when businesses or designated third parties store cardholder data incorrectly in an unencrypted format. Common ways that fraud can occur includes theft from the premises of a business, physically or electronically, […]
Social engineering, the act of psychologically manipulating a person to divulge confidential information or to carry out actions is becoming more common place. Recently Indian police raided call centres and made arrests in which a large scale scam took place where the employees impersonated US Internal Revenue Service and other federal officials, demanding payments […]
Online commerce has created incredible new opportunities for businesses to market and sell services globally. Many businesses, in particular small to medium ones, often do not consider that they could be targeted by cyber crime. The reality, unfortunately is that small to medium businesses are now very much being targeted by cyber criminals as many are […]
By Jason McWhirr, Information Security Consultant Globally, criminals are increasingly abandoning the more traditional approaches to crime. They are looking to the internet for their targets and using it as their preferred route to perpetrate criminal activity. The UK National Crime Agency’s Cyber Crime Assessment 2016 reports that cybercrime has now over taken traditional crime […]
If your organisation stores card data, you have an obligation under the Payment Card Industry Data Security Standard to protect it. Cardholder data is any information contained on a customers’ payment card. The primary account number or PAN, card security code, cardholder name and expiration date are printed on the front of the card and […]
The Payment Card Industry Data Security Standard and its requirements can sometimes be misinterpreted and can seem complex, especially for smaller businesses. In the following video ’10 common myths about the Payment Card Industry Data Security Standard’ we dispel some of the common myths concerning PCI DSS.
If you outsource card payment services remember that you are responsible for the security of the card data that you pass on to third parties. If those third parties are non-compliant with PCI DSS, you should not pass on data to them. Even when they are compliant don’t allow them to affect your ability […]
Research shows that the cost of non-compliance with the PCI DSS can be two and a half times more expensive than protecting your customer’s data. Small merchants are often not safer than larger ones, in fact they are more likely to be targeted by data thieves due to not investing in the necessary resources. […]
Passwords can unlock a wealth of information including your finances and your personal history. In business they can give unlimited access to company information and resources that can easily lead to a range of crimes and scams being perpetrated. Don’t be the weakest link – choose your password wisely. Treat your password like your […]
Businesses that accept payment cards are required to be Payment Card Industry Data Security Standard (PCI DSS) compliant. Compliance is mandatory for any business that accepts payment cards. Even if a business only takes payment over the phone, uses a third party for all payment processing services and doesn’t retain any cardholder data, PCI DSS […]
Though the road to PCI compliance can at times feel daunting, getting started with the process and taking it step by step is often the best way to proceed. Achieving and maintaining compliance with the PCI Data Security Standard is an ongoing cycle with three distinct steps: Assess, Remediate and Report. Remember that businesses […]
The Payment Card Industry Data Security Standard or PCI DSS for short is a compliance standard that defines data security requirements relating to the processing, storage or transmission of cardholder data. The PCI DSS was founded in December 2004 by 5 major card brands – Visa, Mastercard, American Express, Discover and JCB. In 2006, the […]
All businesses that accept payment cards for goods or services, regardless of size, have important obligations that they must be aware of. Credit and debit card information is extremely valuable and businesses must therefore be aware that they are responsible for the security of this data, from the moment they take a card for payment […]
