Yes, because unfortunately they are more of a target today than ever, and they are less likely to survive if breached.
61% of breach victims are SMBs, a figure that is increasing year on year, as smaller companies have not had the headspace or the resources to secure themselves. More concerning is that 60% of SMBs that experience an attack go under within 6 months.
Case Study: Restaurant – 2017 – a breach of payment card information resulted in £21,000 of audit expenses and an additional £66,000 in fines and penalties from the credit card companies.
What regulations apply to me?
Card issuers and governments are forcing organisations to improve security. If you take card payments, you are subject to the following:
- Feb 18: The Payment Card Industry Security Standards Council (PCI SSC) enforces a new version of its Data Security Standard, version 3.2.
- May 18: The GDPR came into effect, along with the new Data Protection Act, which makes Company Directors personally liable.
- Dec 18: The PCI SSC issues stricter guidance on phone payments.
3 common misconceptions
- I don’t record phone calls, so I’m compliant. Unfortunately, no.
- We only take a few payments. Sure … but you still need to comply with the regulations even if you take just one card payment.
- My staff type the card information straight into a terminal/virtual terminal. Great … this helps but doesn’t make you compliant.
Remember, Company Directors are compelled not to neglect their duties around compliance. Under the new law they face personal liability of up to £500,000.
Case Studies: a Travel Agency, a Dental Practice and a Bowling Alley – 2018 – breaches of personal data and payment card information resulted in a total of £105,000 of expenses and fines.
A glint of hope
Affordable technology is keeping pace with regulatory changes.
Fusion offer PayGuard®, a phone and online payment application that allows businesses of all sizes to tick all the compliance boxes while processing payments securely, and all at a reasonable cost.
PayGuard® not only allows your staff to continue to speak with your customer throughout the payment, but also helps you set up payment schedules and make refunds easily. On top of this, customers surveyed report feeling more secure and prefer paying with PayGuard® too.
The tools are out there to remove the ever-increasing personal and professional risk of breaches and non-compliance. Take the time to familiarise yourself with your options. Now is the time to act!