Retail and PCI
The retail industry has taken hits and losses in 2014 as in no other year to date, costing merchants billions of dollars in lost revenue and reputation. With the widespread use of credit cards by consumers for purchases of almost any kind and size, security of private data such as account numbers and identities has never been so vulnerable, nor so critically important.
While merchants have spent untold dollars securing their websites for Internet shopping, which has allayed consumer nervousness about shopping online, the basic conduit and lifeblood device of the retail bricks-and-mortar store, the Point of Sale Terminal (POS) is now the target of theft and compromise from attackers the world over.
While the United States has been the major target of these attacks in the past, the threat is growing at a staggering rate worldwide.
The development and use of several aggressive and insidious types of malware are primarily to blame for the success of these attacks. The encryption holes discovered at POS terminals of popular retailers by such companies as The Saturn Partners reveal a shocking lack of security in the handling and processing of credit card orders at stores everywhere.
One doesn’t have to be a Target, Neiman Marcus (see our whitepaper) or even a large merchant to suffer the same type of losses of private information and dollars these household names have in 2014.
We cite Verizon’s 2013 research on data breaches, especially aimed at Retailers:
“Retailers have a few choices against these attackers. They can increase staffing levels and develop leading-edge capabilities to detect and stop attackers using (comprehensive monitoring and incident response)”…
The Saturn Partners, Inc. has been on the leading edge of providing data security, providing cyber security testing, and disaster recovery/data recovery services to clients the world over since 2001. Our hands-on, customized approach to detecting, analyzing and quarantining threats to protect client information and financial assets has been documented over and over again in cyber security cases in several industries since the dawn of online shopping age.
Whether you are a small business dependent on credit card purchases or a large retailer with millions of customers and lists to protect, you owe it to yourself and your CUSTOMERS to contact us at The Saturn Partners, Inc. so that we may discuss your individual concerns, environment, and risks.
By the time the attackers may have made The Wall Street Journal or the New York Times with a new form of malware aimed at you, it may be TOO late for your business!
Click on the photo below to download:
PAYMENT CARD INDUSTRY DATA SECURITY STANDARD VALIDATION
The PCI DSS is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. This comprehensive standard is required by the major credit card issuers to help organizations proactively protect customer account data.
All entities that transmit, process, or store payment card data must be compliant with PCI DSS. This standard is regulated by the PCI Security Standards Council.
PCI DSS task cost quotes are based on complexity of the merchant or service provider’s environment to include the number of firewalls, switches, servers and processing locations.
The Saturn Partners utilizes only highly skilled and certified engineers for testing and implementation of a blueprint to ensure you are PCI DSS compliant.
Liked What You Just Read? Join the Highest Level Newsletter in the InfoSec Industry.