October sees the 5th anniversary of European Cyber Security Month (ECSM), the EU’s awareness campaign that takes place each year across Europe. The aim is to “raise awareness of cyber security threats, promote cyber security among citizens and organisations; and provide resources to protect themselves online, through education and sharing of good practices.” (www.cybersecuritymonth.eu)
Week 1 (2-6 Oct) is focussed on Cyber Security in the Workplace, raising awareness amongst companies, employees, IT professionals & senior management about the current cyber security threat and offering training for prevention. So, as part of this, here are some reminders of things you can do to protect your business from a cyber attack:
Adapt to new technologies.
It’s impossible to keep up with every new piece of technology that gets released onto the market, but evaluating your database and payment systems on a regular basis, implementing software updates and keeping abreast of new developments is crucial to protecting your business and your customers. While it won’t necessarily prevent breaches from occurring, it will make things much harder for criminal hackers and create a deterrent against future attacks.
Educate your employees.
The most up-to-date technology can’t help you unless your employees understand their roles and responsibilities in safeguarding sensitive data and protecting the company’s resources. Proper training will help employees to detect and deter different attacks. They are your most valuable defence in the fight against different threats, so be sure to make the most of them.
Implement network segmentation.
Segmenting your IT network, including your database and card payment process, into different ‘zones’, each with varying security requirements, prevents hackers from accessing complete customer data and limits the damage that they can cause.
Have a plan in place.
If the worst-case scenario happens and you do fall victim to hackers, breaches in payment data have the potential for significant financial impact. It’s essential to be prepared to react quickly and to have a plan in place to notify affected customers and authorities as soon as possible, so that they can take appropriate actions and limit further damage.
Follow PCI DSS and other best practices.
Companies that handle card payments are required to comply with standards, such as PCI DSS, which provide policies and procedures intended to optimise the security of credit and debit card transactions and protect customers against misuse of their personal information. Regularly checking your compliance with these standards will help to ensure that your systems are in the best possible condition to fend off attempts at data hacking.
Why not use this Cyber Security Month as a catalyst for examining your card payment processing system and see if you can make improvements in protecting your customer data? At PCI Telecom, we create bespoke card payment processing systems that integrate seamlessly with your networks and databases. We have an accredited Level One certification for PCI DSS compliance, with security at the core of everything we do. To find out more about us and how we can help your business, visit our Solutions page.