Data has always been a currency for crooks but, now more than ever, personal data has become a hot commodity for everyone from petty identity thieves to major organized crime. And one of the easiest ways to get this kind of information is from websites just like yours.
According to the body that creates and oversees standards for protecting businesses that take credit cards, more than 80% of attacks target small merchants, and Visa admits that more than 95% of credit data breaches are at the smallest merchants.
In order to minimize these breaches, increase small business security, and improve customer confidence in small businesses, these credit card companies got together and created a set of rules that small merchants must now comply with – and that every small business should take a lead from.
It’s called PCI DSS, which stands for Payment Card Industry Data Security Standard. Although it’s usually referred to as PCI. And if you haven’t already heard of it, you could be in for a rude awakening. PCI is essentially a set of security rules and practices that all businesses must adhere to if they want to continue accepting credit cards from their customers.
PCI has slightly different standards depending on how big your business is and how many credit card transactions you have each month, but even the smallest businesses must follow some rules.
According to the PCI Standards Council that oversees the program, small businesses have a great deal to lose if they fail at security. The costs could include:
- Fines and penalties
- Termination of ability to accept payment cards
- Lost confidence, so customers go to other merchants
- Lost sales
- Cost of reissuing new payment cards
- Legal costs, settlements and judgments
- Fraud losses
- Higher subsequent costs of compliance
- Going out of business
But those risks and costs are avoidable. Not only have I personally been a small business owner for more than 30 years (and my father and grandfather before me) but my small business happens to be cybersecurity. And from what I’ve learned over those three decades, I would never even consider creating a website for my business without a service like SiteLock protecting it. The peace of mind is priceless, but so is the cost of missing a serious threat.
So there’s no excuse. PCI tells you exactly what you need to do to protect cardholder information, and helps you do it. Companies like SiteLock even automate most of the process for you, taking the pain out of the application process, then keeping you compliant by monitoring and managing the security of your website around the clock for as little as a buck a day. That’s not a very high price for customer trust and confidence. It’s not a high price for achieving compliance with PCI and being allowed to continue to accept credit cards. And it’s a very small price compared to the alternative — of a data breach or fine. To learn more call SiteLock at 855.378.6200.