News

Credit card breaches affect businesses financially and professionally

Dave Wendland learned the hard way that, when all is said and done, the security of his business rests entirely on his own shoulders. The Tallahassee restaurant owner assumed his point-of-sale (POS) system was secure and customers' data was safe, but hackers were able to get past the system's firewall and remotely access the terminal to steal customer information.

Wendland says this has cost his business both financially and professionally. "I know I have lost customer trust," he added. His restaurant will undergo a forensic exam to analyze the terminal's old hard drive and reconstruct what happened. He expects the exam to cost him about $12,000.

In an effort to correct past mistakes and redouble his security effort, Wendland is now adhering to the Payment Card Industry Data Security Standard (PCI DSS). PCI, as it's referred to, is a worldwide information security standard defined by the Payment Card Industry Security Standards Council. The standard was created to help businesses and organizations that process card payments prevent credit card fraud through increased controls around data and its exposure to compromise.

Wendland says he has learned he can't assume that a third party — a vendor or processor elsewhere — is looking after the security at his business. It's up to him, he says.