POS Security : 8 Tips to Help Prevent a Breach

terminalwkey

With all of the breaches in the news lately, it is time businesses think twice about the security and safety of their data

Here is a list of 8 things you can do to help prevent a breach and the resulting damage to your reputation, customer base and profits:

1 – Do NOT use default passwords

Using default passwords makes compromising a system easy for anyone with the internet. Many websites list the default passwords for just about any device or program.

2 – DO use strong passwords

It seems like everything now requires you to set a password such as your email, online banking, windows login, FaceBook, etc. We understand it can be difficult to remember them all. It can be extremely tempting to use one simple password for all of your accounts. As easy as this may make your life, it also greatly increases the risk of your accounts being compromised. It is surprising how many people use passwords such as “abc123”, “123456” and even “password”. The best passwords are alphanumeric, mix capital and lower case letters, and contain varied symbols.

25 Most Commonly Used and Worst Passwords

The best passwords are alphanumeric, mix capital and lower case letters, and contain varied symbols. It is also recommended that passwords be at least 12 characters or more in length.

3 – You MUST use and keep up to date an antivirus program on every computer on any network that processes credit cards.

If you are like most people you use an antivirus program on your personal computer. So why would you not protect the computers that help you run your business? Antivirus and antimalware programs are relatively cheap and help block and remove harmful programs before they can siphon off your credit card data. Every computer that touches the network you use to process credit cards should be equipped with a trusted antivirus solution.

4 – You MUST keep your OS up to date with the latest security patches

We all are haunted by the “Windows needs to restart to install updates” window. Often times we hit “postpone” or turn off windows updates all together. As annoying as these patches, updates and consequent restarts may be, it is extremely important to the security of your system that you apply all security updates. New vulnerabilities are discovered in operating systems all the time. These patches close any “holes” that would allow would be data thieves to silently sneak in and collect data from your system.

5 – You MUST keep your POS network segmented from your public wifi.

There is nothing better than walking in to a restaurant or business and noticing that they provide free wifi to their customers. Your precious (and expensive) cellular data plan is spared! As great as this may be, it is extremely important that this public wifi is not the network that you process credit cards through. Your POS and back office systems should be segmented or completely separate from any network that allows public access (either on purpose or accidental). This can be checked by your system provider or qualified (and verified) network technician. If you put in an access point yourself, get it checked NOW.

6 – NEVER browse the internet or check email on any machine connected to your POS network

The internet is great. That being said, it is tempting to browse the web, catch up on FaceBook or check those ever so important emails during slow times (or depending on the employee, all the time). As fun as the internet may be, your POS and back office computers are not the place for it. It may be hard to imagine that a midst all those funny cat pictures, the wonderful things your friends are doing today while you’re at work (and sharing on FaceBook to really rub it in) and the ever so happy and heartwarming news lurks deceptive and harmful links and programs. All it takes is one misguided click to infect your system with malware that can steal your data. To prevent this, it is best to have a separate computer outside of your payment processing network available to browse the internet and check your emails.

7 – Educate your employees on proper usage of equipment and NEVER let unverified persons repair or troubleshoot your system

It is important as a business owners that you understand the ways to prevent a breach. However you should also educate your employees on what they can do to help. Educate them on proper usage of computers and terminals such as not browsing the internet or plugging in flash drives. Also teach them never to allow anyone claiming to be there to service or troubleshoot touch the system without proper verification.

8 – Contact your provider for more information

Your system provider can provide a wealth of information on how you can keep your system secure. Never hesitate to contact your provider if you have any questions or feel you may be at risk.