Thousands of SMBs are woefully behind in protecting the data they collect and sometimes store, and cybercriminals are loving it. With a relatively easy path to a data breach at one or more of these small to midsize businesses, hackers can gain access not only to that company’s stash of financial and other personal information, but perhaps enter the systems of larger partners, as well, as in last year’s Home Depot data breach.
As the number of these breaches rises, so does the toll on the very existence of these companies; 60 percent of small businesses that have experienced a breach, says the National Cyber Security Alliance, go out of business within six months.
Insurance products are one avenue that more corporations are taking in order to mitigate the risk from a future data breach.
Another tack, often more within reach for smaller businesses, is a warranty provided through a service provider. Heartland Payment Systems is providing a breach warranty, Heartland Secure, to customers of its payment processing services. The warranty, which requires that customers process payments through a Heartland Secure-certified device, relies on a three-pronged approach:
Should a breach occur under these protections, the warranty provides for reimbursement to the merchant “for the amount of compliance fines, fees and/or assessments the merchant must pay to the card brands, issuing banks and acquiring bank(s).”
Michael English, executive director, Product Development, Heartland, explained in a statement on the warranty:
“Many small business owners aren’t aware of the magnitude of data security breaches or the potential liabilities lurking around the corner. Damage to a company’s reputation can be catastrophic, and the fines can be overwhelming. By combining EMV, encryption and tokenization, Heartland eliminates clear text-card data from the merchant’s point-of-sale system and network. As we have seen in recent breaches at major retailers and restaurants, it is difficult to maintain a secure network. Through encryption and tokenization, a merchant eliminates clear text card data so if their network is breached, there is no card data to steal and monetize.”
Heartland is, it claims, the first service provider to offer such a breach warranty to payment systems subscribers.
Kachina Shaw is managing editor for IT Business Edge and has been writing and editing about IT and the business for 15 years. She writes about IT careers, management, technology trends and managing risk. Follow Kachina on Twitter @Kachina and on Google+