Two Easy Methods to secure transactions

Two easy methods to secure transactions

  1. Training
  2. Audits

The two easy methods to secure transactions are not a one time cure. People need to remain not obsessed but vigilant. Do not let HD or other big companies off the hook. There are laws about data security. However, these large companies with their fleets of lawyers know the can probably run out the clock on claims. It is a fallacy to believe that size matters. These attackers are not sitting there calculating, they are running algorithms to uncover vulnerable sites.

The risks were clear to computer experts inside Home Depot: The home improvement chain, they warned for years, might be easy prey for hackers.

But despite alarms as far back as 2008, Home Depot was slow to raise its defenses, according to former employees. On Thursday, the company confirmed what many had feared: The biggest data breach in retailing history had compromised 56 million of its customers’ credit cards.

from <http://www.nytimes.com/2014/09/20/business/ex-employees-say-home-depot-left-data-vulnerable.html?hpw&rref=technology&action=click&pgtype=Homepage&version=HpHedThumbWell&module=well-region&region=bottom-well&WT.nav=bottom-well&_r=0>

Just like sports celebrities we hear about it more in companies with larger media surfaces. Small and medium size business are actually more venerable and targeted just as restlessly. The Two easy methods to secure transactions are available and cost-effective. SMBs spend less time and attention on security. Less than 10% of SMBs spend anything on training or security audits. They use the hope and pray method.

With the HD breach, the warning went out: Ex-Employees Say Home Depot Left Data Vulnerable – NYTimes.com – “[Management] did not continuously monitor the network for unusual behavior, such as a strange server talking to its checkout registers.”

Expiring, single use tokens are coming to transaction processing everywhere. In the meantime, and even then people need to be vigilant, in and out of businesses of all sizes. We need training as customers too.   The Target breach was because a contractor company, you know… one like Edward Snowden worked for only much smaller. Companies must train their employees. They must audit security as if they audit the books.