With startling regularity we hear about security breaches at big corporations. Credit card and other personal information stolen, often not being reported until days, weeks, months after the event actually occurred. It’s alarming to us as consumers but in many cases small business owners don’t see the implications for their business. Data thieves aren’t just targeting giant corporations; they are increasingly targeting smaller businesses.
Why target small businesses? Thieves certainly aren’t going to come away with millions of credit card number or millions of anything in most cases. The reason small businesses are becoming more of a target is simple, vulnerability. Big corporations typically have large, sophisticated security and IT organizations watching over and managing their infrastructure. The payday for penetrating a big target can be substantial for cybercriminals, but large organizations are typically much harder to crack.
Small businesses on the other hand can end up being an easy target partially because they don’t believe they are even being targeted. They are. The pot of gold at a small business may be much, much smaller but may be found without a lot of effort for small businesses who have not protected themselves.
Another surprising element in this story is that small businesses have the same compliance requirements as large businesses. The PCI/DSS compliance standards don’t discriminate based on company size. This means the implications for a compromised small business can be substantial even beyond the direct impact of resulting fraudulent activity. So what can a small business do to protect themselves?
Get the data out of the system – One of the most effective ways to protect yourself is to remove the pot of gold altogether. When your systems don’t contain sensitive data, there is less there for a criminal to find, and steal. Using a service like ProPay ProtectPay shifts the information out of your business systems into the secure, compliant ProPay environment. For many businesses this is the smartest, easiest and most reliable solution.
Do it yourself or partner? Most businesses serious about protecting themselves and their customers face a build it or partner for it decision. A robust level 2, level 3 PCI/DSS compliant infrastructure can be costly and complex to build. For businesses willing to make the investment to build, an equal or greater investment may be required to manage the infrastructure and assure it remains compliant as technologies, environment and policies evolve. Yes, you can do it yourself, but it’s a heavy, complex and long-term commitment.
The key message for small businesses is not assume the cyber bad guys are only focused on the behemoth companies. They are in fact frequently targeting small businesses who are unprotected and unaware of the risks. You’re not too small to be a target and the business risks if you are compromised can be substantial. ProPay has a number of solutions that can help designed specifically for smaller businesses. Give us a call today to learn more.
Visit www.propay.com, call 888.227.9856 or email firstname.lastname@example.org.