Small businesses have become a big target for cybercriminals and one of the vectors of their attacks are payment systems.
The PCI SSC said small merchants are highly targeted and when they are attacked, they are more vulnerable because they don’t have the technical know-how or resources to protect themselves. The Council said the tool they created has been developed to be simple so merchants can easily evaluate their security posture.
With small businesses now the target of almost half of all cyber-attacks and 60% of small companies going out of business within six months of an attack, the threat is very real and it can have catastrophic consequences.
The solution PCI SSC has come up with increases awareness of the danger in credit card payment systems. This allows small businesses to be more informed and vigilant of the threats they face.
According to PCI Security Standards Council Chief Technology Officer Troy Leach, merchants will be confident they are doing all they can to protect their customers.
In recent release, Leach goes on to say, “This new evaluation tool provides small businesses with awareness of the most common, critical risks for their environments and the proper resources to address potential threats. Additionally, the PCI Data Security Essentials Resources provide the right questions to ask their payment partners to have a dialogue on payment security. That conversation can only improve a small business owner’s understanding of proper payment security.”
The PCI Data Security Essentials Resources for Small Merchants
These resources are educational material which give small businesses a starting point on how they can protect their customers.
The information has been updated to address the latest security threats small merchants face and it will continue to be updated as new threats are identified.
The educational material was developed by the PCI Small Merchant Taskforce. The task force is a global, cross-industry consortium launched by the Council in 2015. And it has developed the educational resources to help small businesses protect payment card data from being compromised.
These are the resources as posted on the PCI SSC blog along with the links so you can start protecting your small business payment system. You can get to the blog here.
- Guide to Safe Payments – Guidance for understanding the risk to small businesses.
- Common Payment Systems – Visual guide to identify payments systems used by small businesses and ways to protect them.
- Questions to Ask Your Vendors – Question you should ask your payment processor.
- Glossary of Payment and Information Security Terms – Explains the terms used in the payment industry in a way that is easy to understand.
- NEW! PCI Firewall Basics – A one-page infographic on firewall configuration basics.
- NEW! Data Security Essentials Evaluation Tool – This tool allows merchants to evaluate their security posture online with a preliminary evaluation.
The PCI DSS
The PCI Data Security Standard (PCI DSS) is a compliance regulation which applies to all entities that store, process, and/or transmit cardholder data. If you accept or process payment cards, PCI DSS applies to you.
Photo via Shutterstock