Identity thieves target small business -
Robert Siciliano is a NextAdvisor.com Expert Guest Blogger
elephants far identity thieves were hunting. But that could soon change.
According to this study, small to midsize businesses (SMB) are the next targets criminal hackers. This should not surprise, since large corporate networks have progressively better defend themselves.
In recent years, criminal hackers have acted like hornets, attacking and swarming with unpretentious corporate networks. Big business responded with billions of dollars allocated to finance technology and talent to thwart their sting. 
In 2009, the company defense is the best it has ever been. It is still lax, but now the path of least resistance became SMB. Your mom and pop stores are not just resources, including deep pockets, to follow.
Studies by the International Council for Small Business shows that a fifth of small businesses are not even equipped with base defenses, such as McAfee security software. In addition, up to 60% do not even have wireless encryption enabled. What is most disturbing, but not surprising for this security analyst, is two-thirds do not have any kind of security plan in place.
According to survey responses, these same SMB overwhelmingly believe they are not the target, that only big companies need to worry. However, the same study shows that 85% of frauds related to criminal hacks occurs within that exact group.
The National Retail Federation said that Level 3 enterprises are only 60% compliant and level 4 are even less secure.
PCI Compliance, Visa based organization that regulates merchants to prevent fraud by credit card, recognized retailers at different levels. Level 1 retailers dealing 6,000,000 Visa transactions per year Level 2 retailers treat one million to six million, Level 3 retailers treat 20000-1000000, and Level 4 retailers handle less than 20,000.
Many security problems come from the lack of resources for SMB, coupled with their transition to online transactions and the handling and storage of their data.
Some say that the responsibility for managing such operations should be moved to the banks.
An additional recommendation for these Level 3 and 4s is to adopt a strategy in which the trader manages credit data at all. The trader would have an online shopping cart, but the transaction by credit card would be diverted to the server of the bank, without ever being touched by the merchant. 
I'm one of these Level 4 merchants, and this is the strategy I use. All orders are taken online and in person outside the bank manages customer credit card data. PCI compliance is a breeze - no hiccups ..
Although this is practical for SMB, it does not work for others, so retailers need to get their act together immediately, because criminals pirates look
See the lecturer Robert Siciliano identity theft discuss data breaches here.
Robert Siciliano is CEO of IDTheftSecurity.com, an expert on identity theft, professional speaker, security analyst, published author and television news correspondent. Siciliano works with Fortune 1000 and start-up companies as a consultant on product launches, branding, messaging, representation, SEO and media. the thoughts and advice of Siciliano on all these issues often appear in both television and print media news, including CNN, MSNBC, CNBC, FOX, Forbes and USA Today. He has 25 years of safety training as a member of the American Society for Industrial Security. He is the author of two books, including The Safety Minute: Living on high alert; How to take control of your personal safety and to prevent fraud . He also established a partnership with Uni-Ball to help raise awareness of the growing threat of identity theft and provide tips on how you can protect yourself.
0 comments:
Post a Comment