by Kristyan Mjolsnes
July 30, 2010 10:22AM
Unveiling a new logo and completely redesigned website earlier this week, SecureConnect has revitalized its brand to reflect differentiation and leadership in the industry. Specializing in PCI compliance and security solutions, the company has more strongly positioned itself through strategic rebranding that includes renewed design and delivery of communication. Focusing on security as the fundamental source of proper compliance, SecureConnect revisited its tagline, determining that “Security. Compliance. Control.” more strongly communicates its approach to network security and PCI compliance. With a solution unmatched in the industry, the rebranding effort reinforces the commitment SecureConnect delivers to its customers.
In tandem with its logo redesign, the company examined its online presence and how it could be improved. Launching a more user-friendly website, SecureConnect hopes information will be more easily accessible to customers. The wealth of educational information and valuable resources available through SecureConnect.com is intended to benefit business owners, acquiring bank partners and integration vendors.
As the SecureConnect brand continues to evolve its solution with the ever-changing PCI standards, the rebranding effort attempts to keep its image in line with these changes.
Contact us to learn more!
by admin
July 29, 2010 12:10PM
Hell Pizza, a New Zealand based pizza chain, recently sent out an email to its 230,000 customers to change their passwords. They believe that they have suffered a breach, but cannot yet identify the attack vector (this could be a rogue employee or poorly designed website).
While I applaud Hell Pizza for notifying their customers, since web users typically use the same email and password for websites they authenticate to, they didn’t adequately protect the information to begin with. According to sources at risky.biz, the hackers have obtained private information including passwords, email and home addresses and phone numbers, in addition to order information. Apparently, no cardholder data was obtained.
Merchants are continually trying to enhance the user experience by offering such services as online ordering. However, this can be a disservice to your customers if not properly implemented, as in the case of Hell Pizza. Developing a web site with insecure coding is a poor way to conduct business.
While representatives from Hell Pizza indicated that cardholder data wasn’t breached, it would seem likely that the online payment card flow would put their servers in scope for PCI. Vulnerability scanning, as conducted by an ASV (of which BHI SecureConnect is one) should have shown the SQL injection vulnerability (as reported by risky.biz). In addition, validation by completing the Self Assessment Questionnaire would indicate that one cannot provide direct database access from the internet (MySQL was reportedly listening on the public side), among many other violated requirements.
Hell Pizza should have conducted due diligence in assessing their security posture, and, if in scope for PCI, they have a contractual obligation to fulfill the PCI requirements.
This should also serve as a lesson for consumers to not use the same password for the websites that you access. A breach could potentially allow access to online banking and other personal records. Use a password database, such as the open source (i.e., free) KeePass Password Safe, to keep your passwords safe and straight.
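For the database-exposure point above, a merchant can check what the MySQL server is configured to listen on before a scanner or an intruder finds it. The following is an added example, not code from the original post or from SecureConnect; the function names and sample option files are constructed, and it assumes a single option file with `!include` directives not followed.

```python
import ipaddress

# Higher rank = more exposed; used to pick the worst entry of a list.
RANK = {"loopback": 0, "specific-address": 1, "all-interfaces": 2}

def classify_address(addr):
    """Classify one bind-address entry."""
    if addr == "*":
        return "all-interfaces"
    if addr.lower() == "localhost":
        return "loopback"
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return "specific-address"  # hostname: resolve and review by hand
    if ip.is_unspecified:          # 0.0.0.0 or ::
        return "all-interfaces"
    return "loopback" if ip.is_loopback else "specific-address"

def mysqld_exposure(cnf_text):
    """Report how the [mysqld] section of an option file exposes the TCP listener."""
    section, bind, skip_net = None, None, False
    for raw in cnf_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or line[0] in ";!":      # comments and !include lines
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        if section != "mysqld":
            continue
        key, _, value = line.partition("=")
        key = key.strip().lower().replace("_", "-")  # bind_address == bind-address
        value = value.strip().strip("'\"")
        if key == "bind-address":
            bind = value                     # last occurrence wins
        elif key == "skip-networking":
            skip_net = value.lower() not in ("0", "off", "false")
    if skip_net:
        return "no-tcp"
    if not bind:
        return "all-interfaces"              # unset: listens on every interface
    return max((classify_address(a.strip()) for a in bind.split(",")), key=RANK.get)

# Constructed sample option files.
EXPOSED_CNF = "[client]\nport = 3306\n[mysqld]\ndatadir = /var/lib/mysql\nbind-address = 0.0.0.0\n"
HARDENED_CNF = "[mysqld]\nbind_address = 127.0.0.1\n"

if __name__ == "__main__":
    for name, cnf in (("exposed", EXPOSED_CNF), ("hardened", HARDENED_CNF)):
        print(name, "->", mysqld_exposure(cnf))
```

A result of `all-interfaces` or `specific-address` means the listener is reachable beyond the host itself and depends entirely on firewall rules to stay off the internet.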
by Kristyan Mjolsnes
July 26, 2010 12:22PM
Whether you’ve been in business for a little while or you’re just getting started, there’s one area that you probably already find a bit frustrating: PCI compliance. It is a topic that tends to get ignored because many business owners feel that it takes too long to really achieve compliance and have the misconception that it’s an extremely costly venture. However, this isn’t the case at all — it’s quite possible to achieve compliance without incurring all the stress and debt that have become misconstrued throughout the retail industries.
The best way to achieve better merchant compliance is to see what areas need to be fixed in the first place. Completing a vulnerability assessment and looking at any problems within your current system is the best way to make sure that you have a better grasp on any problems already present in the system.
From there, you can apply comprehensive solutions that cover the basic components of great security, such as round-the-clock monitoring as well as strong firewall protection.
So, if you really want to achieve better merchant compliance, you would do well to pay attention to the advice offered here — contact an expert like SecureConnect who can provide you with the foundation of security and the assurance of compliance.
by Kristyan Mjolsnes
July 20, 2010 8:56AM
One of the most important keys of a retail establishment is the point of sale (POS). Indeed, maintaining a POS is one of the biggest factors in how much growth you can expect in the company. After all, if you aren’t able to generate sales, you can’t move your company forward.
Yet maintaining a POS is more than ensuring that the system is actually turned on. You will need to make sure that your system is actually updated properly and that POS security is maintained at all times. If your system can be compromised, it could pose serious consequences for your business from numerous directions.
Thankfully, it’s quite possible to build a strong POS security plan that’s actually realistic. The focus here is to make POS security an absolute truth within the organization, to the point where no one can look at your system and see that you don’t have the right security policies in place.
To pull that off, you may want to bring in an external company that can use their expertise in credit card security as well as POS security to ensure that you are well protected. If you take this route, you will definitely be well on your way to making POS security truly an absolute truth within your organization — get started today!
by Kristyan Mjolsnes
July 19, 2010 12:09PM
In a business, managing resources and personnel are the two key components that lead to higher profits — when handled effectively, of course. Indeed, if you can maintain the resources that you have as well as handle the personnel on hand to take care of various components of your business, then you will be one step closer to the stable organization that you deserve.
If you are processing payments on your own, you will want to make sure that you are keeping PCI compliance at the top of your list. In a nutshell, PCI compliance is all about protecting sensitive cardholder data and keeping it out of the hands of unauthorized parties.
If you’re not a technical person, then the task of achieving and maintaining PCI compliance can be pretty stressful. Thankfully, it doesn’t have to be that way at all. Indeed, you can actually handle your security needs in a straightforward and automatic way as long as you know what tools to invest in.
One solution that stands head and shoulders above the competition is SecureConnect — a comprehensive suite that takes the matter of security completely out of your hands. You can rest easy knowing that a true stress-free solution is at your disposal, monitoring your network for any potential threats and providing a solid barrier to keep unauthorized users and malicious tools out of your network.
So, if you’re a non-technical person that’s concerned about security, you will definitely want to give SecureConnect a look!