Pub. 57 2016-2017 Issue 3

29 SPRING 2017 8. Employ best practices on payment cards. Work with your processor to ensure the most trusted and validated tools and anti-fraud services are being used. You may also have additional security obligations pursuant to agreements with your bank or processor. Isolate pay- ment systems from other, less secure programs, and don’t use the same computer to process payments and surf the Internet. 9. Limit employee access to data and information, and limit authority to install software. Do not provide any one employee with access to all data systems. Employees should only be given access to the specific data systems that they need for their jobs, and should not be able to install any software without permission. 10. Require employees to use unique passwords and change passwords every three months. Consider implementing multifactor authentication that requires additional information beyond a password to gain entry. Check with your vendors that handle sensitive data, especially financial institutions, to see if they offer multifactor authentication for your account. The FCC also offers tools to create a free customized Cyber Security Plan to help protect for your small business and your customers.  The FCC also offers tools to create a free customized Cyber Security Plan to help protect your small business and your customers.