In the internet era, customers are quick to share their negative experiences online, especially if their personal information is compromised due to a preventable security breach.
Customers want a secure, effortless transaction with online purchases and want their credit card handled properly. If they have issues, the retailer is forced to refund the transaction, deal with the authorities and credit card companies, and offer to make it right with the customer by offering some type of perk or freebie.
If you were a customer, would you do business with a company that irresponsibly managed your payment? Of course not. Here are some suggestions to avoid the hassle of correcting the damage from a data breach:
Invest in online retail risk management
Relying on a third party webmaster or basic e-commerce template with a built-in security feature is simply not enough anymore. Identity thieves love to target small businesses. Hackers have the tools to look right through encryption measures to steal credit card numbers and other information.
Paul Demery of InternetRetailer.com says that while security breaches have become more common, less than 25 percent of online retailers are expanding risk management efforts. Getting ahead of ID theft before it occurs will spare you the agony of losing victims to larger retails or in-person business. The Identity Theft Assistance Center says that some ID theft victims will avoid smaller merchants, knowing their identities were compromised during online purchases.
Trying to rectify a consumer complaint about identity theft is difficult, and finding the chink in your network armor is nearly as challenging, especially without a skilled IT security department in-house. Tools like LifeLock Small Business Solutions provides online merchants with the skilled partner to hunt down that information to figure out ways to correct the breach before more people are victimized.
Review network firewalls, POS security
Midwest Bank notes that once hackers are inside a merchant’s network, they have the ability to install malware on Microsoft Windows-based cash registers or servers to copy unencrypted magnetic stripe data from the system.
Preventing this begins with checking the configuration of your network security features, starting with the firewall settings. You should make sure that only approved IP address, trusted websites, or known services are allowed to communicate with your network. Additionally, point-of-sale purchases need to be secured.
Oftentimes, automatic settings on payment application software can store bulk customer data that’s placed in a vulnerable position, which hackers know how to find.
Assigning strong passwords to retail application software can help prevent encryption breaches. Sarita Harbour of Business News Daily says that POS systems ought to be “PCI compliant,” meaning that they meet a national standard for credit card purchase security by the Payment Card Industry.
If you rely on a third party for that function, it’s time to check their security credentials to make sure they are up to standards.