PCI compliance can create headaches for companies that do online commerce. Is your e-business ready?
Whether they're brick-and-mortar or online, merchants find the Payment Card Industry's requirements for protecting credit card data challenging and confusing.
But all retailers must understand how to protect the credit card and other customer data that comes from online transactions, because their businesses are in cybercriminals' crosshairs. Retailers are the second leading source of leaked data (after the hospitality industry), accounting for 20% of total breaches, according to Verizon's 2012 Data Breach Investigations Report. And though the U.S. Census Bureau reports that e-commerce transactions account for only about 5% of the retail economy, they've steadily grown every year.
"It's an interesting world out there, and a very scary world for a merchant, because from day one, you're a target," says John South, chief security officer for payment processor Heartland Payment Systems.
Many of the retailers playing in this scary online world are small businesses, and they're the most vulnerable: Nearly 95% of breaches happen to merchants with 100 employees or fewer, according to the Verizon report. They don't have the dedicated security and risk management teams larger businesses have.
Tuesday, October 30, 2012