This post was originally published on February 11, 2016 and has been updated for accuracy and comprehensiveness.
Data breaches exposed nearly 8 billion consumer records in the first nine months of 2019. As more businesses experience the devastating effects of a data breach, it’s clear cyber security must become a priority.
Below, we disuss how businesses can properly secure data and devices and maintain Payment Card Industry (PCI) compliance. We also provide necessary steps to take if credit card information has been compromised.
What is PCI Compliance?
PCI compliance is a set of standards established by the Payment Card Industry to ensure businesses maintain the highest level of security when it comes to credit card information. Some requirements to remain compliant include:
- Install and maintain firewalls.
- Create unique system passwords and passcodes.
- Do not store cardholder data unless it is absolutely necessary.
- Utilize strong encryption transmission data.
- Update malware and anti-virus software on a regular basis.
- Track and monitor access to networks with cardholder data.
PCI compliance helps protect sensitive payment data, preventing hackers from accessing information that could lead to customer and business identity theft.
Educate POS Employees
Properly educating point of sales (POS) employees is vital to PCI regulations enforcement. A few ways to properly educate your POS employees include:
- In addition to annual PCI compliance refresher courses, offer web-based or in-person training upon hire so new employees are up-to-date on PCI standards.
- Require employees to use passwords or passcodes, especially if taking payment equipment outside of your business (i.e. tablets that provide payment options).
- Encourage employees to update systems and anti-virus software on their company computers and devices.
- Provide employees with easy access to PCI compliance requirements, and update them when they change.
How to Prevent Credit Card Information Theft
Use POS surveillance camera equipment for additional security. Monitor register activity, flag unusual credit card transactions and suspicious employee behavior. Lastly, secure all equipment installed on the network to prevent hacks.
If you feel your customers’ or business’ credit card information has been compromised, follow these steps to mitigate damage:
- Notify your bank’s fraud department.
- Contact credit card and check verification companies.
- Report theft to local (and potentially state) law enforcement.
- Review credit card statements to evaluate suspicious activity.
- Send a written statement to customers and employees notifying them of the compromise.
Secure Your Retail Business With an Expert
From department stores to supermarkets, our experts have experience securing retail establishments for some of the biggest brands, including many Fortune 500 companies. Contact us today to learn more about our retail security solutions.