Small business owners are 100 percent responsible for their customers’ personal information and credit card data. One of the biggest myths is that security is tied solely to credit card information. The Payment Card Industry (PCI) Security Council will be the first to point out that it is as much about the personal information of your customers as it is about their credit cards. At the end of the day, banks can be a safety net if someone were to get your customers’ credit card information. Unfortunately, there isn’t a safety net if personal information is stolen from an online business.
PCI compliance is still a misunderstood concept. While there is plenty of material available on the topic, a small group of people have most of the information. History shows us that when this type of situation occurs in the marketplace, a lot of people end up buying services that don’t help at all. If your credit card company, ecommerce provider, hosting company, bank or other provider offers you a new service to assist in maintaining PCI compliance, simply ask the following question. “By purchasing this service, are you guaranteeing that you will pay for any fines or loss of business I might suffer if my online store becomes compromised?”
More often than not, the answer will be no. So why would you pay money for something that won’t help you with the problem? The answer is lack of knowledge. Most small business owners don’t have enough time to run their stores, much less to keep up with the security requirements for maintaining an online business. As a result, when a service provider approaches an online businessperson about a new service to secure its customers, it scares many business owners into purchasing it.
The first step
The bottom line is this: online retailers must find the time and take responsibility for protecting their customers. For ecommerce, be sure you are using a PA DSS (Payment Application Data Security Standard) certified application or a business that is PCI DSS certified. That is the first step. After picking the right ecommerce provider, you must take control of the rest of your customers’ security. This can be achieved by going through the PCI DSS process to get your business certified.
Pinnacle Cart, for example, carries the PA DSS certification and works with hosting companies that are PCI DSS compliant. Still, it does not have control over its own destiny. If the company it uses decided to stop offering PCI DSS hosting, Pinnacle Cart would be forced to spend a lot of money moving customers to another data center. To gain control of its security, the company is working on becoming PCI DSS compliant. The process isn’t easy and it costs money, but the return on investment will come to any business that commits to the process. You can show your compliance on your website like a badge of honor, and you will likely see an increase in website conversions.
Mike Auger is president and CEO of Pinnacle Cart, a hosted shopping cart and ecommerce software application that allows you to create, manage and effectively market your business. www.pinnaclecart.com.
View article published in Independent Retailer: http://bit.ly/ecommercesecurity
This is a follow-up to a previous blog post “Time = Money” and I will be talking about our integration with Salesforce and the mixed bag it has brought us. I also think it points out the challenges in the new business model of enterprise software providers and the 3rd party developer “app centers.”
We began using Salesforce approximately two years ago with a goal of collapsing business systems into one enterprise level application that could scale with our business.
Two years later I can say we are a bit more efficient, but the idea of a dream system that handles all of our business needs is just that – a dream. The reality is that we all have unique businesses and when you bring your unique business case to the system and it can’t handle it you either have to contract someone to build the integration or find a 3rd party application that works. This process is where you start losing all of the time you feel you are saving.
You spend days and weeks finding, demoing and getting quotes for the right application to serve your business need. I call this type of integration “stove pipe” because it communicates to just the part of the software that is required to make it work, but not the rest of the application. Through the time suck process you find it functions well, works as advertised, but there are a lot of issues when you get it into the real world. Let me just mention a few.
1. The enterprise software has forced us to go create new vendor relationships to get their “enterprise” solution to work for our business. Ok, so in our case we have three new vendor relationships that need to be managed, developed and cultivated. Fantastic, what a great savings in time…
2. User Interface. With three new companies come three new ways to interface with the application, how lovely. In our case it is a phone system and live chat. Both interact differently and both have a distinctly different interface. Yes, we are even more excited about all the new training for our sales and support team…
3. Deep reporting. This is the real challenge as the data we collect won’t necessarily be available for reporting. In almost every case, integration includes adding new “custom” fields that won’t pull down to the core reporting that comes with the enterprise software. The answer? Export all data into a NEW database and extract.
I know this sounds like a rip session on Salesforce. Without a doubt, we have our challenges with their system but this isn’t unique to Salesforce. That is the real problem. The enterprise software industry sees a lot of value for their business through this model and therefore the customers come last. They can front a veiled effort to say “look what we have done for you – all of these developers and their applications.” But when you really start analyzing what it really “does for you,” you spend a lot of time drinking! What you really want is a one-stop solution for your business, managed with one relationship to save you time.
We are the solution.
It should be our goal to make software that gets out of your way so you can do what you do best. When you have needs, you come to us for the services you need and we go back to getting out of your way.
In our space Big Commerce and Shopify are two examples of companies that are building out “app centers” for mission critical features that will cost you more time and money. This takes me all the way back to the original argument about why we’re different and on a unique path. We are truly committed to our customers and just like our business, we are creating software that will save you time. But what does it mean?
It means our core features will be CORE to the software, not through a 3rd party developer halfway around the world. It also means that WE are offering the custom services that are unique to your business.
Need an example? Our integration with Quickbooks automatically syncs your orders, customers and product data. Our competitors will provide you with an affiliate link to a 3rd party application so you can pay more, add a new relationship to manage and you will get new software to learn. OR, you can keep paying us the same monthly fee, with no new relationship that sucks away more time. If you are a Quickbooks user, what would you do with your business if we gave you back two weeks a year simply by using Pinnacle Cart?
We are thoroughly committed to ensuring all core elements a small business needs to sell online will be in our application. We believe by giving you more time back you have a greater chance for success and therefore a customer of ours for a much longer time!
I know, it sounds like some old cliché coming from a business owner, but give me a bit of leeway here for making my case.
Today, I’m proud to announce our team has released version 3.7.11 of Pinnacle Cart. In our continued effort to get you more time back, the advancements in this release are really amazing.
For almost a year now, we’ve been working directly with Intuit and their Quickbooks team. As an Intuit finalist for Application of the Year in 2010, we released the eCommerce software integration through their app center last August. Since that time we’ve been working on a more integrated approach and the hard work is in this new release. The Quickbooks shopping cart integration automates the entire process of syncing customer and order data between the shopping cart and your Quickbooks application (both desktop and online). You set it up once and forget about it (I kinda sound like an infomercial), but it’s literally that simple. When we looked at our average customer and the time it takes to manually export orders from the platform and import them to Quickbooks, we calculated a savings of almost two weeks’ worth of time per year. How much more money can you make for your business when we give you back 2 weeks? I would love to hear what you could do for your business with 2 extra weeks per year so email me – mike @ pinnaclecart.com
The Quickbooks eCommerce feature is a hard act to follow, but we do have more.
You will definitely notice changes to the admin area. We certainly needed to start the process of this makeover in the account area, but we also will be saving you more time with this change. We have parsed through a lot of data and surveyed many of you regarding features of the cart you use on a regular basis. The end result is a platform that is even easier to use because we’ve collapsed or hidden the cart features that are used rarely. Instead of having to take time and review all the features, the most used will be displayed at the top while the rest will be available by drop down.
This is just another example of our commitment to create something that really matters to the business owners in our industry. We’re comforted in letting the other shopping cart software platforms battle in a feature war while we continue to focus on an eCommerce ecosystem with features that make you money or changes that save you time.
Next week I’ll be offering our real world example of integration with Salesforce with a goal of “saving time” and what the end result has been. I think you’ll find it to be an eye opening look at the SaaS industry and a perspective you haven’t read about.
President & CEO