Paymerang "Are Your Business Payments Safe?" Webinar
FRAUD IS EXPLODING
Source: Forbes
FRAUD RISK IS HIGHER THAN EVER
What is the biggest security threat to your business?
a) Phishing
b) Business Email Compromise (BEC)
c) Malware
d) Distributed Denial of Service (DDoS)
AGENDA
FOUR LAYERS OF PROTECTION AVAILABLE
PROTECT THE PAYMENT
HOW: Enroll in the Positive Pay service at the financial institution where check payments are sourced.

HOW: Register to use ACH payments with the bank account where payments are sourced and take additional steps to protect the payment information (i.e. encrypt sensitive data).
SECURE THE OPERATIONS
HOW: Use a combination of a clean desk policy, removal of all payment information from open office view, and a certified shredding service.

HOW: Verify any anomalous changes made to vendor account information before processing payments. Assign fraud scores based on recent account changes.

TRAINING
WHY: The payment team members are an important line of defense for ensuring a secure operation.
HOW: Conduct security awareness training by qualified staff on a regular basis to ensure the team is aware of threats and how to detect suspicious links or fraudulent email addresses. Provide ongoing payment threat awareness information so the team knows what is considered suspicious and is ready to respond to it.

PROCEDURES
WHY: To ensure operational controls are present throughout the payment process.
HOW: Set up all payment processes with multiple approvals, single payment limits and segregation of duties. Implement job rotation and cross-training for payment team members. Apply appropriate access controls.
FORTIFY THE NETWORK
LOCK DOWN COMPLIANCE
NACHA
WHY: To ensure automated payments are processed in a trusted and controlled environment.
HOW: Process payments using the ACH Network which maintains the highest level of safety and security for its participants through governance oversight by NACHA.

PCI
WHY: If payment cards are processed or stored there is a security standard mandated by the Payment Card Industry (PCI) that must be attested.
HOW: Implement the PCI Data Security Standard (PCI-DSS) to ensure that cardholder data is maintained in a secure environment accordingly.
Are you 100% confident your payments are fully
protected?
a) Yes
b) No
PRACTICAL STEPS
• Positive pay
• Use one-time use, preloaded virtual cards
• Encrypt account information
• Verify vendors before making changes
• Limit employee access
• Require approval for changes

• Clean desk and secure documents
• Utilize certified shredding service
• Verify anomalous changes
• Assign fraud scores
• Suspicious links and fraudulent email detection training
• Multiple approvals
• Single payment limits

• Antivirus Software and whitelisting technology
• Vulnerability management program
• Security posture scanning
• Software patching
• Expert penetration testing
• Spam and phishing defenses
• Email encryption

• NACHA - read it, learn it, train it
• Do not store banking data if you can avoid it
• PCI - Secure cardholder data
• SOC 2 - Security controls for integrity and confidentiality
• OFAC - Know your vendor and where your money is going
NEXT STEPS
Would you like to learn more?
a) Yes
b) No
SECURING YOUR FUTURE PAYMENTS FROM FRAUD
Crush Payment Fraud in 2019 and beyond…
CONTACT US
Matthew Kirkpatrick
Vice President
(804) 868-5794
mkirkpatrick@paymerang.com