So, you’ve upgraded your business to EMV POS terminals and trained your employees on using the new system, right on track with the U.S. implementation of EMV chip card technology. While this is an important—and highly recommended—step in protecting your customers’ sensitive data from fraudsters, don’t assume that having an EMV point of sale terminal is your be-all-and-end-all protection against a data breach. Don’t make the mistake of engaging in these other risky behaviors that could put your systems at risk.
Your systems are still vulnerable.
Here’s the bad news: even if you have implemented an EMV POS terminal, your systems and data are still susceptible to attack. Fraudsters are very good at their jobs, always finding clever new ways to infiltrate payments systems and nab useful data. Here are some ways that your business may still be vulnerable to a data breach, even if you are processing EMV chip cards:
- Remote access. If you or your employees access your systems remotely, you could be opening them up to attack. Make sure that everyone knows and uses the most secure way to access your system while they’re not at work. And, if possible, request that employees only access your systems remotely in emergency situations.
- No firewalls. If your systems aren’t protected with a firewall, you’re risking fraudsters nabbing sensitive card data. Work with your IT department or specialist to make sure you have a firewall in place that is secure enough to protect credit card data.
- Not segmenting away from other systems. Ideally, your POS terminal should be segmented from other business systems, such as those that are used to access the Internet. If your POS terminal is not segmented from these activities, you run the risk of hackers tapping into your POS terminal—even if you have the most modern EMV-enabled system.
- Not having anti-virus. Your customers trust you with their valuable, personal data, so don’t risk your systems being open to attack by not protecting your computers and terminals with anti-virus software. Speak with your IT specialist or your payments processor to ensure you have adequate anti-virus protection in place.
- Not knowing the third parties managing their systems. Make sure you have a full knowledge of all persons who will be accessing your system, for any reason. Make sure you have authorized their access and that they are accessing your systems in the most secure manner possible.
- Not asking the right questions. When it comes right down to it, you just might not know what types of comprehensive system protection you need to protect your business from a data breach—and no one blames you for that! Rely on your payments processor and their expertise in the industry to provide you with counsel on how best to protect your system.
- Not considering security when purchasing a new system. When you’re in the market to purchase a new system, there are so many options to consider that it can be easy to lose track of security. But, don’t make that mistake. Make sure that the new system you implement offers top-notch security that is armed to protect your company from a data breach. Your brand and reputation depend on it.
But, here's the good news: your credit card processing provider can help you conduct a full assessment of your system to ensure that you have done everything in your power to protect your company from a data breach. Contact your payments processor today to take this important step to secure your business.