674: How to Secure Your Business: 4 Areas to Examine w/ Kevin Jones

ABOUT THIS EPISODE

In this episode we talk to Kevin Jones, President & CEO of Anovia Payments.

Click here to connect with this guest on LinkedIn.

Looking for a guaranteed way to create content that resonates with your audience? Start a podcast, interview your ideal clients and let them choose the topic of the interview, because if your ideal clients care about the topic, there's a good chance the rest of your audience will care about it too. Learn more at sweet fish Mediacom. You're listening to the B tob growth show, podcast dedicated to helping be to be executives achieve explosive growth. What you're looking for techniques and strategies or tools and resources? You've come to the right place. I'm Jonathan Green and I'm James Carberry. Let's get into the show. Welcome back to the BB growth show. We are here today with Kevin Jones. He is the president and CEO at a Novi in the payments Kevin, how you doing today? Go Sir, how are you? I am wonderful. So, Kevin, today we're going to be talking about, for specific areas that...

...businesses need to be looking at in terms of really securing their business. But before we get into that, I love for you to explain and why you're the guy to be talking about this. Can you tell our listeners what a Novia payments is all about. Absolutely. We're an organization that started, we were founded in two thousand and thirteen, so we're about five years old, and we formed the organization specifically to focus on small the midsize businesses so we could provide simple and secure payments. As the industries continue to change and evolved, you know, obviously security has become a much larger emphasis and when people are choosing their payment solutions as has to be able to integrate in a FRISH andless way. So we've built a lot of technology around trying to do this two things in a very, very good way and the industry leading way. And so we're a partner focused organization that focuses on integrating into software in certain verticals, such a healthcare non for profit, and also through other referral partnerships...

...such as financialist and to such. It all right, Kevin. So, before we dive into kind of the four areas that our listeners need to be looking at to make sure that their business is secure, the first one kind of talk about some background and a little bit of data around why this is something that people need to be paying attention to. Could you share some of what we were talking about offline. For our listeners, yeah, absolutely. I mean I think everyone is really perk their ears over the last two to three years to date. It is because it's been in a news so much. It's been a very visible part of our culture. Frankly, from from many of the large names that we've heard, but when you get down to the small to mid sized business level, it's really interesting that eighty seven percent of small to midsize business owners do not think their risk for being hacked.

Yes, statistically, Forbes showed last year that fifty percent were hacked at some point in their business cycle. So approximately half of the small to mid sized businesses that have had a cyber attack throughout a business within six months. So I think that shows the importance of taking this really seriously. From a breach perspective, just to give you a little bit of a fill for the volume of breaches that have occurred in two thousand and seventeen there are one thousand five hundred and seventy nine tract breaches and that was a forty four point seven percent increase over two thousand and sixteen. And then the shocking number is two thousand and sixteen was actually a forty percent increase over two thousand and fifteen. Wow. So you can hear, you can see that if there's been a steady increase in the number of data breaches that have occurred, and that's why it's really high on on people's list of things to really pay attention to make sense. So I, Kevin, I want to dive into the four specific areas...

...that people need to be looking at to make sure that their business is secure. This first area is on the payment side, really securing securing the payments Ie. Can you talk to us about how listeners can go about doing that? Absolutely, and there's been a lot of really good progression and evolution of what payments providers or providing to their merchants to enable them to be secure, and that's really come about because of PCI, which is the payment card industry data security standard, and that was formed really to reduce the risk of payment card data loss, but preventing, detecting and reacting to potential hacks. So one kind of false myth that's out there is that this only happens to large businesses, that only large businesses should have PCI, but in fact, small mustances are small mustans are frankly targeted. Quite often they may not be as good of a get for a hacker, but at the end of the day it is realized in that community that typically small the medium sized business have an...

...implemented security measures at the same rate as larger businesses. So it is somewhat of a popular attack. But that being said, most providers do now offer scans and consultation and PCI validation as well as updating to emd which, as everyone knows, you know, is inserting the card into the machine instead of Swiping it and or using a wallet. So the EMV protocol is as much more secure than the previous swipe protocol. All right, so so now let's talk about physical security. What are some what are some things that listeners need to be thinking about as they think about physical security? Absolutely, and aside note, a good part of the PCI validation protocol is that it walks people...

...through the physical security size as well. But the physical securities often overlooked as people look to encrypt or or do other things. But simple things on the physical security side, like keeping good inventory of all devices, limiting access to areas of sense of data information and equipment, putting together and documenting security and privacy policies, training their employees and then the details that we all know about the don't always follow, such as keyless entry, security cameras, updating firewalls, changing passwords and then backing updated of the cloud. Now those are some of the real simple things that people can do that make a huge difference in in a providing security. Got It all right? So this this third we going to talk about Kenn is best practices around cyber security. Tell us about these. Yep, cyber security is is a really hot topic and there's a lot of good information now on the Internet through good sources that can give people,...

I think, a lot of guidance relative to either products that are offered, I mean payments. Organizations are starting to offer sybag security products. We do a lot do and that's very valuable, specifically down to the S and B space. But from a best practice this perspective, you know, the Sim most simple of course, as an antivirus software to protect against viruses and spyware. The second is is firewalls to secure networks. Really Training Super Important, which would be classifies third and fourth is establishing internal controls, protecting sensitive information and then educating your team on cyber threats and including some level of accountability to to them holding up their part, because a lot of the cyber attack and packs occur because employer strong passwords that you change often as much of a pain as hits for people to coming every thirty days and have to change that password. It's a very proven effective way to really Pete keep you people out...

...of your your system, making backup copies of important information, controlling cystical access to network components. And then this one gets overlooked a lot of protect all pages of your website. So many people just do protection or encryption on the checkout and sign up pages, but they leave the other pages open and, as usually, holes that they can maneuver themselves into the areas they want to be. So putting protection on the entire website and then, obviously, as creating a disaster recovery plan is really important. Okay, is it typically like? Does it would it take bringing in a consultant to kind of make sure that all this stuff happens? You do hire somebody in house to take care of this? Like how to folks, you know what's the best course of action for implementing the stuff that you've been sharing. I think from a from a small merchant perspective, you know, they're not going to be in a position to afford consultants and such. So for them that's really what PCI validation...

...was formed for. If they if their payments processor offers PCI, it's usually very affordable and can walk them through, you know, the entirety of what we've talked about today. So I think that that is what usually see happening from an S and B perspective. And then when it gets to, you know, the larger merchants, obviously the targets and and and really large enterprise merchants, they typically would be advised to bring someone into really have a strategy around security. The reason for that is because in the large organizations like that, what typically happens they'll successfully secure their payments gateway, but then what they do is they attach other things to that gateway so they can drive data from it on their customers, so they can communicate with the customers, offer rewards to their customers, and they often forget to do equal security on things connecting...

...into that, and that's where really problems can arise. All right, so so this last piece that we're going to talk about Kettn is around securing online reputation. This is something that that I'm sure the marketers listening their their ears are going to perk up with this part. Talk to us about this last part. Yeah, and this is good. Gotten to be more and more important because, you know, the research we've done shows that ninety five percent of consumers now research their products and businesses online prior to making the purchase. So online reputation is really important. And what surprised me is that eighty four percent of people trust the online reviews as much as a personal recommendation. So obviously, kind of with the jokes that are going on in the news today with what's fake and what's not, it is true that when people read something, even if it's from an unreliable source, that tips typically trust it. So the reason I think online reputation is so important is that you have a sort of a novel agation to put positive things about your company out on the web so that if there are already negative reviews, frankly, you can counterbalance...

...them. So you know, what I usually tell people is to build a wipe widespread online presence with positive, you know, very positive balance about the things you want to talk about about your company, your employs, your products, etc. Secondly, to optimize their website so that people can find it easily. Creating a blog's great because I think it's sends a true message about the personality of your of your organization, using testimonials, which does the same thing, of course. And then I think it's really important to interact and respond. And many organizations, I mean like ours, have analytics and and online reputation products that really enable people to go on easily see and monitor of six or seven different social sites and if anyone types their business as name in or has a response relate to their business, you know, to alerts them...

...so they can respond, you know, as they like. It's really important to interaction respond so that even if there's an even if an error was made on your part, or if you know there was a false claim of an error, that you have an opportunity to just respond to your customer sy that you care. Got All right, Kevin, this has been fantastic. I really appreciate your time. If there's somebody listening to this, they want to stay connected with you, they want to learn more about a nobia payments what's the best way for them to go about doing that? Yeah, if I reably, I mean obviously linkedin or, you know, our twitter. Gotta Love It. Awesome. Kevin. Will again thank you so much for your time. This has been incredible and I really appreciate it. Okay, thank you so much. Take care. There are lots of ways to build a community and we've chosen to build the be tob growth community through this podcast. But because of the way podcasts work, it's really hard to engage with our listeners, and without engagement it's tough to build a great community. So here's...

...what we've decided to do. We're organizing small dinners across the country with our listeners and guests. No sales pitches, no agenda, just great conversations with like minded people. Will Talk Business, we'll talk family, will talk goals and dreams, will build friendships. So if you'd like to be a part of a BEDB growth dinner in a sitting near you, go to be to be growth dinnerscom. That's Bob Growth dinnerscom. Thank you so much for listening. Until next time,.

In-Stream Audio Search

NEW

Search across all episodes within this podcast

Episodes (1802)