“The No. 1 mistake I see is people buying machines and software, installing it out of the box and not reconfiguring it for security,” says Tom Arnold, founder of Payment Software Corp., a San Jose, Calif., firm that provides payment consulting services.
Another basic step is to try to use the most current operating system. For example, if a business uses Microsoft Corp. software, it should consider upgrading to Windows XP. The most up-to-date version has a number of built-in security features, including a firewall that allows a business to block access to information like customer data and the company’s financial information.
Encryption helps protect a company’s data from intruders and prevent hackers from intercepting customers’ financial information during a transaction. For some time, pressure has been building on businesses that operate online to encrypt customer data. California passed a law in 2003 requiring companies to notify customers in the state if their unencrypted data have been compromised, and many states have since passed similar laws. And Visa USA and MasterCard International Inc. now require most businesses operating online to verify that they have taken a number of steps, including data encryption, to protect customers who use their credit cards.