I’ve spoken to many small business owners about the Payment Card Industry Data Security Standard (PCI-DSS). In an entirely unscientific study, I’d say that of those people I’ve spoken with, 99% of them had never heard of PCI. What’s more interesting is that the majority of them were certainly interested after we had chatted about the importance of keeping payment card data secure.

Of course, it’s difficult to have the discussion without touching on the scale of the problem. I’m talking of course about the relative ease by which credit card numbers can be obtained for fraudulent purposes. This was reinforced today, when, a trusted security professional happened to share a simple Google search. In this case, a simple 56-character URL that brought up a surprising bounty of credit card and identity information…

You’ll notice that I’ve blanked out any sensitive information… but think about this. Each black mark you see in the screenshot, that’s credit card numbers, expiry dates, CVV2 codes, addresses, card names, telephone numbers, e-mail addresses and even things like mother’s maiden name! With just a quick Google search, we’re able to find a raft of sensitive data.

Through awareness and education, we can help influence businesses to take protection of critical data (such as payment card information) seriously.