According to the 2013 Global Security Report by Trustwave, 71% of small business owners were victims of a data breach. The report blames this on the fact that they are the least equipped to protect themselves. This is what makes them attractive to hackers.
What is particularly scary for small to medium-sized businesses in the US is that, according to a study by Experian, 60% of them closed down within 6 months of a data breach.
Malicious or criminal attacks caused 41%, employee negligence 33% and system glitches 26%. I am not so sure the employees were that negligent.
Now many people mistakenly believe that because MasterCard and Visa take responsibility for the debt, they are okay. Not true. What happens in these situations is that the banks will look to recover their money from the retailer, and generally they do this through fines and legal costs.
Say you had a data breach and it did go to court. What is a judge going to say if he is told that you had an XP machine, that the eftpos unit was old, and that you had no antivirus program, no formal written Internet security policy, etc.?
Here are some measures you could take to reduce the risk:
Make sure you have a current eftpos unit. Ring up your supplier and confirm that it is. If they say it is okay, write the details of the conversation in your diary.
Make sure you use antivirus software and that it is up to date. My favourite is Avast, which is free.
Make sure your Windows software is up to date. Really, you should not now be running anything earlier than Win7 in a business.
Do not treat passwords as a joke. Here is a very good site to test your password. You want something at least strong. Change your passwords regularly; this is particularly true of passwords used to dial in.
Be careful where you surf on the net. If you want to go to these sites, do it on a non-business machine.
Explain to everyone in your business how important it is that the information you have is kept confidential. Then write in your diary that you did this.
The consequences of a security breach can be severe. At the very least, a retailer can be cut off from eftpos. Finally, there are also your customers who trusted you. What are they going to think if they find out about it?