Avoid Credit Card Security Issues with Some Simple Steps
Content provided by the Latinos in Information Sciences and Technology Association (LISTA)
Written by LISTA Chicago President Juan Soto
Credit Card Security Makes Front Page News
Your customers count on you to protect their data, it seems every few months we hear about yet another company having their client's credit card or vital information being stolen via a laptop. The consequences can be devastating, but you can take a few common sense steps to secure your data by following these suggestions:
Limit Access to Secure Information
It may seem obvious, but does EVERYONE in your company need to view credit card or social security information? Perform an analysis of who should see what and then work with your IT department to create security groups in your application. Limit access only to those that need it.
Limit Views to One Record
Once you have only certain people with access to the data, limit how they can work with it, for example, if a customer calls to change their credit card info on file, then only display the last four characters of the old card as a reference. Under no circumstances should employees be allowed to view all credit card numbers on file, or be allowed to dump them to a spreadsheet.
Monitor Who Has Viewed the Data
Work with your IT department to see if a table level procedure can be implemented to track which employees have viewed what record. Create a report that will list the quantity of times an employee has viewed records in case you need to follow up on any suspicious activity.
Separate Confidential Data
In order to make your security arrangements easier, consider separating confidential information into its own table. Credit card data, Checking and Social Security information should all go into separate tables.
There are many more steps you can take to secure your data, but I hope this article can help you get started with an audit of your system and procedures. We recommend you hire a professional firm to help you with your data security, but at the very minimum follow our recommendations above.
Content copyrighted by the Latinos in Information Sciences and Technology Association (LISTA)