We live in an increasingly digital world. And with that comes risk – and lots of it. The number of stolen debit/credit card numbers continues to grow every day. Today’s news story about how nearly 40 million Target customers had debit or credit card information stolen is the most recent example of the kind of risky, digital world we live in.
PCI Security Standards
If a company as large as Target can be breached with all of its technology and alerting systems, then what is the chance that your company could withstand a breach attack? The PCI Security Standards Council mandates that certain security standards be implemented and followed when storing credit card numbers electronically or in hard copy. If you do not maintain these standards, your company would be considered non-compliant.
Beyond implementing and following PCI security standards, here’s a list of additional steps that you can take to protect your customers’ valuable information:
- Use End Point Protection monitoring to verify that all workstations are current on their virus definition files.
- Make sure all servers are patched with the most current operating system security patches.
- Employ a vendor to complete penetration testing to find any open avenues to your network.
- Consider implementing Intrusion Detection Systems (IDS). Many companies utilize IDS to monitor their incoming and outgoing network traffic. If the expense is too great or you do not have qualified personnel, then consider a vendor to provide the service. Many vendors provide Intrusion Detection Services at a very reasonable price.
The Cost of Protecting Your Customers
The question you may be asking yourself is: What cost is too much to protect my customers’ data? And while that’s a great question to be asking, you should also consider what cost is too much to protect your business’s reputation. In order for your company to survive in today’s digital world, it’s critical for your business to cultivate a culture of trust with your customers. Many businesses find that they’ll do what it takes to prevent security breaches. What will you do?
IT Audit Help
If this recent Target story has the hairs on your neck standing straight up, then maybe you need to take a look at your business’s IT security systems. Contact Rea & Associates. Our IT audit professionals can work with you to determine the strength of your IT systems and help you figure out if there are changes you should make to be in compliance with PCI Security Standards.
Author: Joe Welker, CISA (New Philadelphia office)