Are You the Next Target?
We keep reading about Target and credit card data breaches. Just when we think the story will fade, we hear that more data was stolen – 110 million Target customers. Sadly, we’ve learned that the situation could have been avoided or at least greatly mitigated. Rush Taggart, CSO from CardConnect, was recently on CNBC where he describes how “pin & chip” technology would have made the data much less valuable to any would-be thief.
Now, most companies running Costpoint – this is the Costpoint 7 Center blog after all – don’t have 100+ million customers, let alone 100+ million customers using credit cards. But still, there are risks whenever you are handling credit card data and best practices to mitigate those risks. Many of the best practices may seem obvious, but often get ignored in our rush to get our day to day jobs done. For example, one should never email a credit card number (I told you that many of them were obvious; still, it happens). One should never store a credit card number on your personal computer. One should never store a credit card number in Costpoint. By now, you’re probably seeing a theme: never store a credit card number in a system that has not been audited and deemed compliant with Payment Card Industry Data Security Standard (PCI-DSS).
So what are your options? No, don’t write them down on a piece of paper and hide it under your desk blotter. Back when I was a system security engineer, I often tagged along on physical security audits – we always looked under people’s blotters for passwords, safe combinations, and other sensitive data. Paper is okay if it’s properly stored in a secure container with limited access.
If you’re handling customers’ credit card information, you owe it to them, to your company, and to your own long-term career prospects to learn the best practices for handling payment card data. None of us want to read a story about our company in the paper involving a data breach.
If you’d like to learn more about best practices for handling customer credit card transactions in Costpoint, Contact Us or join us for our free webinar on January 23rd.