Thursday, 22 October 2015

Are you PCI compliant?

Many of our clients use a PDQ (Process Data Quickly) machine to take a payment from a customer or client using their debit or credit card or take payments directly over the phone or through their website. 

Anyway, we thought this would serve as a useful reminder of the strict compliance requirements surrounding credit/debit card payments that have been in place since September 2006.

PCI DSS or Payment Card Industry Data Security Standards (to give the full title) apply to anyone who stores, processes or transmits credit/debit card data.

It matters not the size of company or the size of payments or amount of payment.

So, if your staff take a call and scribble down the details on a scrap piece of paper, or you record telephone calls that have this data on,  just make sure it is all stored in a secure environment and in accordance with the Standards.

Potentially any breach pointed at you, means you face loss of Merchant ID and PDQ Machine (ergo loss of business) and steep fines.

To learn more Click here for FAQ's

The Merlin Team

Tuesday, 13 October 2015

Is your router reliable and as secure as it could be?

A recent article by Chris Baranuik brought home the seriousness of flaws in routers and we reiterate what you should do to ensure your security is up to date.

We cannot stress the importance of this piece of equipment within your business.

Your router is your window to the world, so it makes perfect sense that you buy a really good quality business grade router in the first place and don’t skimp with your money buying a cheap home grade product. They simply do not cut it when running a business.   You spend money on an expensive i-phone for your business? Well, if you are prepared to spend this sort of money on a phone, then do the same for your router. Your business is worth it don’t you think?  Our mantra is “you get what you pay for”, as with most things in life.

It is also essential that the firmware is upgraded on a regular basis, which means you set regular monthly updates in your diary so this is not missed.  This way any exploits by hackers or faults that are found, are remedied with the upgrade so diminishes the risks of being hacked.  The upgrades are down to you, they cannot be done automatically for you!

Just remember if anyone does get into your router, they can alter settings, track exactly what you are looking at and direct traffic to malicious sites.  Not a pleasant thought.  

And while we are on the subject of routers for business, (especially if you have a hosted phone system) also consider keeping a spare router on your office shelf.  If your router fails, just stop to consider the cost to your business whilst you source a replacement.  Take into account the lost custom and lost man hours, if there are no phones or internet. With a spare, you can be back up and running within minutes, not a day or so.

Your business is your lifeline, after all, so look after it!

For the full article mentioned above click here