To Avoid Costly Breaches, Optometry Practices Need to Focus on Data Security

According to the 2013 Verizon Data Breach Investigations Report, 31 percent of breaches were from businesses with 100 or fewer employees, and another 9 percent were attributed to organizations with between 101 and 1,000 employees. 

Experts say small business owners who don't make protecting customers' payment information a top priority could soon find themselves out of operation.

"Many small business owners aren’t taking the necessary steps to create ongoing data security policies and practices," noted Bob Carr, chairman and CEO of Heartland Payment Systems. "They don’t understand how vulnerable they really are." Small companies need the same level of data security as global enterprises do — if not more."

"Most small businesses aren’t aware of the extent of data security breaches, or the potential liabilities," said Michael English, executive director, product development, for Heartland Payment Systems. "Damage to brand reputation can be devastating, and the fines can be astronomical if a company is out of compliance with Payment Card Industry (PCI) Data Security Standards (DSS). One large retailer was assessed more than $10 million in fines for a 2010 network intrusion, and according to the Ponemon Institute 2014 Cost of Data Breach Study, 60 percent of small businesses that suffered a data breach went belly-up within six months." 

For years a trusted leader in data security, Heartland has developed simple guidelines for its merchants to follow so they become more vigilant in securing the systems and software they use to do business:

DO:

Use strong passwords – Ensure passwords are at least eight characters in length and include capitals, numbers, and alternate characters. Change passwords on those sites reported as vulnerable.

Use antivirus software – Ensure antivirus software is up to date and always running.  

Use firewall software – A firewall is excellent protection against malicious software attempting to connect to a server and pass sensitive information to criminals. Blocking communication won't remove the infection, but it will render it mostly harmless.

Keep operating software up to date – This is required for PCI compliance, and is one of the best ways to keep ahead of hackers.

Contact your banks and financial institutions – Determine if they were subject to the vulnerability, and if so, how they mitigated the issue.

DON’T:

Download pirated or cracked software – Not only does this type of software often include malware, but it also invalidates any PCI audit and Heartland warranty protection.

Click on pop-up windows that tell you that your computer is infected – Viruses often use pop-ups to install malware onto the user’s computer. To remove malware, users should go to the website for their antivirus software and follow the instructions provided.

Open unexpected email attachments and links – Unexpected email with an attachment or link should not be opened without verification from the sender.

Give information to "phishy" phone callers – Windows and other software vendors do not make direct calls to users. This social engineering hack is designed to obtain access to personal and secure information that can compromise PC security.

About Heartland Payment Systems

Heartland Payment Systems (HeartlandPaymentSystems.com), one of the largest payments processor in the U.S., provides the COA-endorsed card processing and payroll processing services for the California Optometric Association. The company also delivers business solutions and services to more than 275,000 business and educational locations nationwide. Contact Chad Preuss for additional information on products and services at 402-502-1514 .