FINANCE

NRF and First Data release small business data security survey

BY CSA STAFF

New York City — An overwhelming majority (86%) of small-business respondents (86%) say that keeping their customer card information secure and feel payment-card data security is important to their business. But 60% are unaware of the costs they could incur in the event of a breach. Those are among the results of a research study of data security and fraud-prevention strategies practiced at small- to mid-sized retailers. The study is from the National Retail Federation and First Data Corp.

While two-thirds (66%) of respondents to the survey claimed awareness of the Payment Card Industry Data Security Standard (PCI DSS), only 49% of respondents had completed a self-assessment at the time of the survey. Among those who had heard of PCI DSS; however, 42% did not know that merchants are obligated to conduct the self-assessment annually and 41% had not heard of the recent change in regulations.

The survey also showed there appears to be some confusion among retailers regarding the liability costs in the event of a data security breach. More than 60% of these smaller merchants did not realize that credit-card companies are authorized to fine their business a per-card fee for every card that has to be canceled if it is determined that they are the source of a data breach. According to the 2009 U.S. Cost of a Data Breach Study by the Ponemon Institute, the average cost for merchants coping with a data breach in 2009 rose to $6.7 million with the cost per customer record breached estimated at $204.

Restricting physical access to cardholder data and using anti-virus software were the two most frequently reported protection methods (76%). Other practices toward the top of the list were restricting access to cardholder data by business need to know (67%); developing and maintaining secure systems and applications (64%); and maintaining a policy that addresses information security (63%). Of those who electronically store cardholder data, 68% also take steps to protect that data and 53% use encryption technology.

More than 4% of respondents reported having been a victim of any one type of fraud listed in the survey. Although the percentage appears low, it equates to a potential one million small businesses being impacted. The latest Federal data estimates there are approximately 24.6 million small businesses currently operating in the United States.

Physical theft or tampering with terminals and computer viruses, including malware, were the top two fraud and security incidents experienced by respondents at 37% and 22%, respectively. Employee misuse or theft of card data accounted for another 17% of incidents.

"Our survey results illustrate that smaller retailers take protection of their customers’ sensitive payment card data very seriously and continue to add more layers of security to their business operations," said Mark Herrington, senior VP global product management and innovation, First Data. "The finding we found most intriguing was the confusion around the potential liabilities in the event of a data breach. We’re confident that continued education in the payments industry will raise awareness of the importance of annual self-assessments and the right mix of data security and fraud prevention tools."

The majority of survey respondents represented less than $500,000 in payment-card sales annually through both card-not-present (CNP) and in-person transactions.

keyboard_arrow_downCOMMENTS

Leave a Reply

No comments found

Polls

Consumer confidence is high. Is that reflected in your stores’ revenues?

View Results

Loading ... Loading ...
REAL ESTATE

Readers Speak Out: Is driving responsible growth consistent with your 2011 objectives?

BY CSA STAFF

The Dec. 23 edition of SiteTalk referenced a recent survey, which found that driving responsible growth, in addition to protecting and building the brand, is a chief priority for retailers in 2011. We asked you, our readers, if that priority was consistent with your 2011 objectives. Here is what one reader had to say.

"Throughout my career, both in corporate real estate and now as a broker, I always tried to locate or approve sites that supported the growth plans and operational needs of my customer. When I was responsible for corporate growth, not a day went by without someone calling to offer what has to be the best location conceivable for one of our facilities. I still get those today. We have all heard the pitch: "I have this location that would be great for you. It is located in front of, or beside, or next to the highest volume XYZ Location or retail outlet in the system. You would do great here." When asked what they base this judgment on, the response was usually, "Because the XYZ Company is doing such a bang-up job."

Then, as well as now, I have always thought and taught that unless the Real Estate group has an understanding of the company business and the target customer, it will be hard-pressed to make an effective argument against this reasoning. To be effective, the Real Estate group has to understand the company’s business. The expansion plan is very closely interrelated to all other business objectives. In order to make a good business decision relating to the company’s investment in the proposal, the company’s business objective must be understood.

Early in my career, back in the last century, I read a paper written by Howard L. Green who underscored this point in the book, Guide To Store Location Research. Although published in 1968, the recommendations he made should be in place today as we move “back to the basics” or become engaged in the “New Normal” in today’s business world. Green stated:

Appropriate financial and sales objectives of a retail firm that should be considered in retail site selection include the following:

1) Make enough profit

  • To grow by renovating, expanding, or relocating an existing store, or building a new store in untapped portions of the market, or by expanding into markets new to the firm.
  • To invest in new and improved supporting distributive facilities and to insure an appropriate supply of merchandise, as needed.

2) Realize a satisfactory return on investment.

3) Increase amount of sales and the number of customer transactions.

  • Retain old and attract new customers.
  • Increase the amount and/or quality of merchandise sold to each customer."

— Terry L. Conley MCR, CCIM
TLC-The Location Connection, Inc.
Cassville, Ga.

keyboard_arrow_downCOMMENTS

Leave a Reply

No comments found

Polls

Consumer confidence is high. Is that reflected in your stores’ revenues?

View Results

Loading ... Loading ...
REAL ESTATE

Disney to debut interactive store design in 25 locations in 2011

BY CSA STAFF

Pasadena, Calif. — Disney Store will open more than 25 new and remodeled locations around the globe in 2011. The stores will feature the company’s updated store design, which features an array of interactive and immersive experiences. The company ultimately plans to transform all its 350+ locations to the new concept.

“Guests told us that we brought the magic back to Disney Store with the launch of our new design, and they responded by staying in the stores longer and purchasing more,” said Jim Fielding, president, Disney Stores Worldwide.

Among the locations slated to open in 2011 will be the company first-ever stores in Copenhagen, Denmark; Dublin, Ireland; and Antwerp, Belgium. On the home front, Disney will make its debut in the Mall of America, Bloomington, Minn.

keyboard_arrow_downCOMMENTS

Leave a Reply

No comments found

Polls

Consumer confidence is high. Is that reflected in your stores’ revenues?

View Results

Loading ... Loading ...