A few days before Christmas, Hyatt Hotels reported a security breach in their payment processing systems. The hotel group engaged third party cyber-security experts when they discovered malware on some of their computer systems that process client payments. We’ve discussed some of the world’s largest data breaches and the security holes that cause them, and every time we read about it – we think about the actions we take to protect our own clients’ payment systems. Of the top data breaches in the world, hackers executed 3 out of 4 of them. With the nature of cyber attacks continually evolving, it’s more important than ever to protect your business and customer data by securing your systems. Wondering what your Bradenton IT company is doing to protect your payment systems? Here are just a few things we do to make sure our clients are safe:
Keep the network up to date and secure.
The baseline security of your network, infrastructure and workstations are the most basic aspects of your IT security in order to protect your organization from hackers. Hackers work by attempting to manipulate any security gaps they can find. Things like encrypting their malware or viruses, capitalizing on systems that haven’t been patched or updated or locating server operating systems that have reached end-of-life and are no longer supported are just a few ways they can access your network. Your provider should provide comprehensive management and updating of all of the following:
- Centrally managed antivirus
- Operating system and server updates
- Firewall and router updates
- Equipment upgrades when needed
Keep you PCI (Payment Card Industry) compliant
The Payment Card Industry Data Security Standard (PCI DSS) is a set of standards for companies of every size that process credit card payments. Companies that accept credit cards must host that data securely with a PCI compliant hosting provider. Your Bradenton IT company should ensure that your company is PCI compliant, conduct regular assessments and remediate any deficiencies that, when left unchecked, can result in significant fines. This takes a huge weight off your shoulders and helps give your customers the piece of mind in knowing you’re doing your diligence to protect your data.
Assist you with or provide you with the resources for employee training.
No matter how your infrastructure and security is set up, it is ultimately up to your users to interact with your technology responsibly. Our recent article gives you some tips for training employees to avoid modern IT security breaches. Beyond keeping their browsing habits in check, you’ll also want to warn them of the dangers of connecting to public WiFi, and plugging in external devices (like USB flash drives) to their workstation. You can use an external training service to help educate and test your employees on IT security.
It’s not just your IT company’s responsibility to keep your network up and running and react to any issues that occur. It should also be your IT company’s responsibility to help you be more proactive about the state of your IT security and network in general. By forming a strategic partnership, you can ensure that your technology needs are addressed, get a strategy for what’s coming next, maintain your security and also prepare for growth. Your relationship with your IT company should be more than supportive. It should be comprehensive and strategic.