siliconindia | | NOVEMBER 20199Every company should operate with an appropriate security framework to help protect their business from data theft. For smaller businesses and entrepreneurs, this is particularly important, as efforts can understandably be focused on business development and management, while critical priorities like payment data security are treated as secondary priorities.Fortunately, there are clear steps that can be taken to help businesses protect customer payment data and solutions available to help them. For example, the PCI Data Security Standard (PCI DSS) provides a foundation of security controls that when implemented and continuously monitored offers the best protection for payment card data before, during and after a purchase is made. Any business that stores, processes and/or transmits cardholder data should continually apply controls specified in the PCI DSS. Additionally, for the increasing number of businesses relying on smartphones and tablets to accept payments, PCI SSC provides security standards for solutions that enable them to accept contactless payments on their devices and trust that these transactions are secure. This provides opportunities for more businesses, and especially those not based in a fixed location or new to card acceptance, to be able to accept contactless payments in a secure manner. At the very minimum, every business using any form of digital payments should have at least one member of staff who is appropriately trained in security standards to protect their business. For the smallest businesses, this may even be the founder, and entrepreneurs must realise that the responsibility to safeguard their customer payment data could be theirs. For larger, more developed businesses, executives should be hiring or training data security professionals, or Internal Security Assessors, within their businesses to ensure that there are individuals capable of deploying up-to-date standards to protect themselves against cybercriminals.Crucially, data security is not a one-time fix. As payments and technology evolve, and cybercriminals become smarter, so do methods of data theft, and so do security standards. Data security is an ongoing process which must be constantly updated.Data Security is a Requirement for SuccessOne thing that businesses owners and decision makers in India must consider is a change of attitude about digital payments for their business. Digital payments can be extremely profitable, of course, and for the majority, implementing these methods can be seen as a one-way ticket to increasing customer catchment area. However, Indian business owners must realise that implementing new payment methods must be complemented with the appropriate security standards. Without the standards, sooner or later a data breach is almost inevitable. Hackers are constantly probing businesses for security weaknesses, and as soon as they find one without safeguards, they will infiltrate its computer systems and steal customer payment data for profit.And for a business whose customer payment data is stolen, the results can be catastrophic. Many businesses whose data is stolenwill go out of business within 12 months of the cyberattack, and those that do not go out of business can suffer severe reputational damage that takes many years to recover from. Entrepreneurs must not be Deterred!This should not deter entrepreneurs, and experts are clear that digital payments are the future for India. During a video address at the PCI SSC 2019 India Forum in Delhi Indian entrepreneur Nandan Nilekani emphasized that acceptance of digital payments technology, by both merchants and consumers, is vital for economic growth, but knowledge sharing and education about data security are vital to success.A less-cash economy represents a fantastic opportunity for business growth in India. However, companies need to ensure that they are reducing the number of opportunities where cybercriminals can steal payment data. Business leaders who can effectively implement security standards and train personnel to maintain the standards will be tomorrow's captains of commerce. Business leaders who can effectively implement security standards and train personnel to maintain the standards will be tomorrow's captains of commerce
< Page 8 | Page 10 >