When a credit card breach hits with unexpected problems, business owners have to move quickly into problem-solving mode. As a business owner, however, it can be daunting, like trying to put out a stove fire that also just spread to your kitchen window curtains.
Do you put out the stove first, or take care of the burning curtains so that the damage doesn’t keep spreading? In the case of a data security breach, it’s akin to either first tackling the breach itself or minimizing the damage to your reputation and keeping your customer’s trust. Both are priorities, so where’s a business to start?
The most dreaded things can happen in business, like what is recently happened with Chipotle’s possible credit card breach, or the InterContinental Hotel Group malware security breach of approximately 1,200 U.S. hotels. When a credit card breach occurs, it’s easy to get swept up in multiple directions that all need problem-solving powers first. Luckily, for business owners of all types, Payline is ready to share a few reference tips to follow should times get tough.
According to PaymentsSource, there is a triage protocol to adhere to following a credit card breach.
Initiate Lockdown
While stopping the actual breach may be the first instinct, and not a bad one, the first thing a business should really do is initiate lockdown. Secure all of the financial documents and credit card payment processing records in your possession for later reference, then go on to “put a plug the leak” or stop the breach. Leave no stones unturned, every little bit of information counts, so make sure you have everything you need to move forward.
Make an Assessment
Once you have stopped the breach and gathered up all documents, go through all of them with a fine-toothed comb, and assess the extent of the damage of the breach. Figure out what needs to be prioritized in terms of securing company assets, customer information and company data.
Also, it is critical to keep a log of your actions for future reference as you go through data breach triage, such as the dates and times that you met with different people to address the situation, what steps were taken and when, and so on. Transparency with a credit card breach is crucial to overcoming and recovering.
Call in the Troops
In this battle against the breach, it is an all hands on deck situation. In addition to all essential personnel from your business, call in reinforcements like your payment processor and consider hiring outside security consultants. Having multiple sets of eyes on the situation will help to determine whether this was an intentional cyber attack or a fluke glitch in the system. Also, be sure to stay in contact with the proper law enforcement officials to be sure that all actions and communications stay above board.
Communicate Clearly About the Credit Card Breach
When you broke a vase as a kid, it was hard enough telling your parents, but it was necessary. Once all of your business ducks are in a row, it’s time to tell your customers that the “vase” broke. Be prepared with statements to release regarding your plan to treat the data breach as well as answers to anticipated questions. It is important to be upfront and honest with all customers, and to not wait too long post-breach to do so. It will not necessarily be well-received news, but gone about the right way, it will be a much smoother experience for you and your customers moving forward.
In the wake of credit card payment processing security breaches like Chipotle’s, it is important to know the types of security risks your business is up against and prepare for them. Hackers, POS malware attacks, and pinpointing WiFi security are just a few among many things that it is the responsibility of your business to look out for, and when these things happen, there has to be a plan to triage the damage.
When you’re looking out for the payments and security needs of your business, consider Payline. With our multiple methods of secure credit card payment processing available, you may not ever need to use that data breach triage plan. We are committed to bringing you top-notch fraud protection and data security with our killer payment processing products. When you work with Payline, you’re working with a provider you can trust.
This piece was written by Lauren Minning, Content Specialist for Payline
