Want to learn more about how the PCI DSS applies to your business? The bottom line is this: If your business is set up to accept customer payment via credit card, then your business is obligated to achieve and maintain compliance with the PCI Data Security Standard. That’s because the technologies they employ make it just as easy for them to break into thousands of unprotected small businesses as it is to break into one large business processing many transactions. When it comes to vulnerable businesses, hackers also focus on the “how” of payment processing rather than the number of cards being processed. In this scenario, the risk is much higher and the PCI burden is also much higher, requiring a properly configured firewall, tracking of third-party service providers, quarterly vulnerability scanning, answering at least 139 questions within an SAQ C, etc.
Where it gets out of whack is when a business takes just a few payment card transactions, but then uses a full-blown POS system on one PC that also has wide-open access to the internet. The methods described above are relatively low risk and low burden.
Your business has to pay for a forensics investigation to determine how the breach occurred and exactly how many credit cards were compromised. The card issuing banks are out hundreds of thousands of dollars for the fraudulent charges they have to pay back to consumers. Just like that, the cost/benefit ratio changes: (A common misconception is that hackers don’t target small businesses. I’ll explain further down why this is not the case.) A data thief locates one of your security weaknesses and steals the data from all 100 cards. In that time, your business has not followed the basic security steps of the PCI DSS, nor has it validated its compliance with the standard. In my example above, your business has processed 100 cards in a year’s time. Should a breach occur, are you prepared to experience a rapid turn of events? Let’s assume your business processes about 100 credit/debit card transactions per year and you’ve determined that the cost to comply outweighs the benefit to you, your bank, and even your customers as a whole. In other words: Should a business accepting “a few credit cards here and there” pay fines and penalties after a breach, since they opted to use a risky system without understanding that it needed to be secure? The cost/benefit ratio can change in an instant. If you don’t handle those keys safely and a bad guy copies the keys and wipes out the safe, then whose fault is it? Taking one single credit card transaction is like someone handing you the keys to their safe, where they keep their money, and asking you to carefully take out just the amount you are owed. Either way, it’s an important question to address, because every small business owner who accepts even a single credit card for payment should understand their role in the security of that information. Some wonder quietly and some more vocally.
Many small business owners wonder why they would ever need to comply with a security standard like the PCI DSS. “Bureaucratic bull crap.” “A waste of my time.” “Simply not relevant.”