Why Companies Need A Two-Step Plan To Secure Credit Card Transactions
It’s the latest in a long line of cybersecurity incidents involving a well-known brand: In April, Chipotle Mexican Grill notified customers that it detected “unauthorized activity” on a credit card payment processing system. This put the restaurant chain in a position no company wants to be in — recommending that customers “closely monitor” their bank statements for unauthorized charges.
With the incident, Chipotle joins the ranks of high profile organizations that have suffered breaches of their payment processing networks. The impact proves damaging: A study from the Federal Reserve Bank of Boston found that only 35 percent of consumers believed their personal information was secure during credit card purchases before the Target breach in 2013. But after that breach, this low level of confidence plunged even further to 24 percent.
Clearly, these negative sentiments can lead to lost sales. As such, it’s essential to develop the most effective payment processing security policies and practices — and communicate what you’re doing – to preserve brand reputation and customer loyalty. In the past, organizations invested heavily in traditional, perimeter-focused cyber defense tools such as firewalls and anti-malware protection to “keep the bad guys out.”
While these solutions still serve a critical purpose and are always best practice, they are only one component of a complete security architecture. Even if you thwart outside adversaries from infiltrating your network, for instance, you remain vulnerable to threats from insiders such as disgruntled employees, ill-intended contractors and other parties with access to your information. More than two-thirds of security professionals, in fact, consider insiders as their greatest security threat, according to recent survey from security firm Bomgar.
To read the original article, click here.