fbpx
Search
Close this search box.

Keep Your Shoppers Safe With These 4 Non-Technical PCI-DSS Tasks

Employee working on laptop with marketing designs loaded on screen.
Employee working on laptop with marketing designs loaded on screen.

I have a hunch: as a merchant, keeping your shoppers secure is of utmost importance to you. But PCI-DSS requirements can be overly technical, confusing, or simply not applicable to your situation.

When holiday shopping season rolls around, you might feel as though you’re simply hoping for the best.

Here are 4 practices to turn your best intentions into actions. The best part? They aren’t super technical.

1. Read over your last completed PCI-DSS self-assessment.

Since this step may  have a more technical side to it (depending on your PCI-DSS level), we’re putting it first so you can get it out of the way.

The main goal in reviewing your most recent self-assessment is to uncover any tasks you put on your to-do list…and subsequently forgot about. Self-assessments have the downside of requiring self-enforcement; tasks can fall through the cracks when you’re focused on running your company.

Beyond that, a review of your questionnaire can help boost your confidence in your company’s payment card security practices.

If you need help completing or reviewing a self-assessment, contact us. We perform security evaluations and offer PCI-DSS compliance services.

2. Give your customers an email address and phone number where they can report phishing attempts.

Even if you’re a small fish in a big pond, don’t assume hackers haven’t noticed you. Hackers are increasingly targeting smaller businesses with the (good) assumption that their security resources are slim to none.

Cyber criminals have likely been planning holiday phishing attacks since New Year’s Day, 2017, attacks which use inside information from hundreds of small to mid-size businesses, including employee names, URL spoofs, and logos.

Let your customers know how they can alert you of any suspicious activity in your name, and keep a vigilant eye on your inbox.

3. Monitor vendor alerts and feeds.

In addition to keeping the lines open with your customers, keep an ear out for alerts (email, social media, and/or phone) from your Card Scanner and Point of Sale vendors. For most of you, the bulk of the PCI-DSS requirements fall squarely on their shoulders. And as we know, no company is immune to a breach.

Monitoring your vendors’ newsfeeds will help you respond immediately if a breach occurs. Similarly, keeping their security contact information on hand allows you to immediately inform them of any suspicious activity you notice.

4. Educate your customers

Share credit card safety tips (like the ones in this article) online via your social media profiles and/or post them in your place of business.

Enjoy the rush of the holiday shopping season—in safety.

Corsica Technologies
Corsica provides personalized service and a virtual CIO (vCIO) who serves as a strategic advisor. When it comes to the complex integration of solutions for IT and cybersecurity, the whole is greater than the sum of its parts. We offer cybersecurity solutions, managed services, digital transformation, resale services, and one-off technology projects. Corsica unifies any combination of these services into a complete, seamless solution.

Related Reads

B2B Integration Tools: 4 Dark Secrets - Corsica Technologies

Legacy B2B Integration Tools: 4 Dark Secrets

The world of B2B integration comes with complexity. Not only are you sharing data within your internal systems—you’re sharing it with the external systems of trading partners. That gets incredibly complicated. Even the best B2B integration tools may not be

Read more
Cloud migration security - What you need to know - Corsica Technologies

Cloud Migrations: 6 Steps To Reducing Security Risks

Cloud migrations allow organizations to leverage the full power of the cloud. Yet cloud migrations aren’t without security risks. As Forbes reports, 94% of cloud customers were targeted every month in 2023—while 62% of them were successfully compromised. Whether you

Read more

Sign Up For Our Newsletter

Stay up-to-date on the Managed Services and Cybersecurity landscape, and be the first to find out about events and special offers.