A SecurityMetrics study could point out to your next security opportunity-- credit card info encryption for businesses and retailers.
The study shows 71% of participating merchants storing unencrypted payment card data in 2011, an 8% increase over 2010. Retailers failing to encrypt payment card data violate Payment Card Industry Data Security Standard (PCI DSS) requirements, and maybe be subject to penalties after a compromise-- not to mention the risks for their customers.
SecurityMetrics says the study found over 370M unencrypted cards on business and home networks, with a single network scan finding over 96M cards in one go.
The discovery of unprotected cardholder data indicates improperly designed or configured payment applications, a non-PCI compliant payment application or improper card handling from employees.
"Today's business landscape is littered with merchants that don't know exactly what's on their system," SecurityMetrics says. It can be up to you to educate retailers on such credit card info-related risks-- before selling the solutions required.