What does all of this mean to the average retailer that is accepting credit card payments?
PCI compliance may seem like a hassle and a distraction from running your business, however maintaining full compliance will shield you and your customers from a potential data breach. Also, some pretty hefty fines for non-compliance could be passed onto you from your merchant, so its best to keep up-to-date.
The best way to protect against data breaches is not store card data at all. Many small merchants are offering curbside pickup now and are accepting telephone payments in lieu of former face-to-face transactions. Avoid writing payment card details down and instead enter them directly into your secure terminal.
The use of weak and default passwords is one of the leading causes of payment data breaches for businesses. To be effective, passwords must be strong and updated regularly. Take a look at this quick video on how to create a strong, easy to remember password in less than a minute.
Criminals look for outdated software to exploit flaws in unpatched systems. Timely installation of security patches is crucial to minimize the risk of being breached. One way to keep up with all the necessary changes is by ensuring you are applying operating system updates and checking for updates for other installed applications. At the time of writing Windward System Five's current versions are 6.2.4.x and 6.4.7.x.
Hackers use phishing and other social engineering methods to target organizations with legitimate-looking emails and social media messages that trick users into providing confidential data, such as payment card number, merchant account number or password. Small merchants should be extra vigilant and be on the look out for common phishing and social engineering hacks. Emails from Windward Software will be delivered from the @windwardsoftware.com domain.
It’s critical you know who your service providers are and what security questions to ask them. Is your service provider adhering to PCI DSS requirements? Windward Software Systems, Inc. is validated according to PA-DSS v3.2 and has continued to maintain PCI certification throughout the years. Its also worth noting that our cloud solution handles payments in a manner such that your customer's credit card number never actually touches our platform which lowers your risk while you remain integrated.
Existing clients have resources available.
How to complete the PCI Compliance Checklist can be found here in the Windward Software Wiki. This topic is available in the Windward Learning Academy and you can also use Searchable Self-Help.
The Windward Webinar Series will cover How to complete PCI Compliance Checklist next. This webinar will discuss what Payment Card Industry (PCI) Compliance means, how are PCI and System Five connected, and how to complete your PCI Compliance Checklist. There will be a live demonstration and a quick Q & A will follow at the end of the presentation.