A growing number of types of fraud are being perpetrated by electronic means. Hacking, slamming (changing your telephone service without your knowledge), phishing (acquiring user names, passwords and credit card information), identity theft and other forms of business fraud are some of the most difficult to control. More businesses are being held accountable for data breaches perpetrated by third parties, as 46 states (Idaho Statute §§ 28-51-104 to 28-51-107), the District of Columbia, and some U.S. territories now have laws on the books requiring companies to notify potential victims if their personal information has been stolen or otherwise compromised.
The merchant is always responsible for security of the Internet-connected PC where customer personal information is stored. Virus protection and a firewall are the minimum requirement. To be absolutely safe, businesses should store sensitive information and customer details on zip-disks, on a physically separate PC or with a commercial file storage service. Always keep multiple back-ups of essential information, and ensure they are stored safely off-site.
Security is a worrisome, costly and complicated business, but a single lapse can be expensive in lost funds, records and reputation.
