Back
Next

1 / 9
Secure Practices for Retail Associates

Lesson Overview

This lesson describes the security awareness responsibilities of retail associates and the laws, regulations, methods and best practices that help keep information secure. You will learn about two main topics:

  1. Your Responsibilities
  2. Becoming an Information Security Guard

2 / 9
Section Objectives

By the end of this section, you will recognize your security awareness responsibilities.

Topics

  • Remember, It's the Law
  • Be Accountable

3 / 9

You should be aware that there are laws and regulations that protect sensitive information.

Instructions

Roll over each topic to learn more.

***l optionWidget***r ***l options***r ***l option***r ***l optionTitle***r Laws & Regulations***l /optionTitle***r ***l content***r ***l p***r Failure to protect sensitive information may be a violation of state privacy laws and federal compliance regulations, such as Sarbanes-Oxley and HIPAA, and industry regulations such as the Payment Card Industry Data Security Standard (PCI DSS).***l /p***r ***l br/***r ***l /content***r ***l audio***r ***l /audio***r ***l /option***r ***l option***r ***l optionTitle***r PCI DSS***l /optionTitle***r ***l content***r ***l p***r In your role, you will be most concerned with the PCI DSS, which is a set of requirements designed to protect cardholder data.  ***l /p***r ***l br/***r ***l p***r According to the standard, you are required to be aware of security best practices.***l /p***r ***l br/***r ***l /content***r ***l audio***r ***l /audio***r ***l /option***r ***l option***r ***l optionTitle***r Non-Compliance***l /optionTitle***r ***l content***r ***l p***r A business that is non-compliant with the PCI DSS may face fines, sanctions, lawsuits and even increased cost of doing business.
***l /p***r ***l br/***r ***l /content***r ***l audio***r ***l /audio***r ***l /option***r ***l /options***r ***l /optionWidget***r ***l altTags***r ***l closeAlt***r ***l /closeAlt***r ***l instructAlt***r ***l /instructAlt***r ***l submitAlt***r ***l /submitAlt***r ***l playPauseAlt***r ***l /playPauseAlt***r ***l muteUnmuteAlt***r ***l /muteUnmuteAlt***r ***l replayAlt***r ***l /replayAlt***r ***l stepPrevAlt***r ***l /stepPrevAlt***r ***l stepNextAlt***r ***l /stepNextAlt***r ***l restartAlt***r ***l /restartAlt***r ***l /altTags***r
4 / 9
***l root***r ***l gui***r ***l interface***r ***l stage/***r ***l top src='' border=''/***r ***l left src='' border=''/***r ***l right src='' border=''/***r ***l bubble path='../images/swf'/***r ***l /interface***r ***l context***r ***l text***r ***l p***r You have already learned that information security is a means of keeping information safe from wrongful use and ensures that access to sensitive information is securely monitored and controlled. You have also learned that security awareness is the ability to recognize information security risks and take protective measures to guard the sensitive information you work with every day. ***l b***r ***l i***r ***l e***r But what about your role?***l /e***r ***l /i***r ***l /b***r ***l /p***r ***l br/***r ***l /text***r ***l font face='arial' size='11' color='0x000000' bold='false' underline='false' italic='false' bgcolor='0xffffff'/***r ***l /context***r ***l instructions***r ***l text***r ***l p***r ***l b***r Instructions***l /b***r ***l /p***r ***l br/***r ***l p***r ***l i***r Click Begin to view a conversation about your information security responsibilities. The forward arrow allows you to move through the dialogue. Unmute your audio if you would like to listen to the dialogue.***l /i***r ***l /p***r ***l br/***r ***l /text***r ***l font face='arial' size='11' color='0x000000' bold='false' underline='false' italic='false' bgcolor='0xffffff'/***r ***l /instructions***r ***l feedback***r ***l text***r ***l p***r ***l i***r You will learn more about each of your responsibilities in the following section.
***l /i***r ***l /p***r ***l br/***r ***l /text***r ***l font face='arial' size='11' color='0x000000' bold='false' underline='false' italic='false' bgcolor='0xffffff'/***r ***l /feedback***r ***l person name='Dave' img='../assets/avatardave.png'***r ***l font face='arial' size='11' color='0x000000' bold='false' underline='false' italic='false' bgcolor='0xffffff'/***r ***l /person***r ***l person name='Learning Advisor' img='../assets/avatarla.png'***r ***l font face='arial' size='11' color='0x000000' bold='false' underline='false' italic='false' bgcolor='0xffffff'/***r ***l /person***r ***l /gui***r ***l speech***r ***l dialogue person='Dave'***r ***l text***r ***l p***r I understand information security and what security awareness is, but what does any of this have to do with me?***l /p***r ***l br/***r ***l /text***r ***l feedback***r ***l /feedback***r ***l audio***r ../assets/12_4_1.mp3***l /audio***r ***l /dialogue***r ***l dialogue person='Learning Advisor'***r ***l text***r ***l p***r Any time you log into your sales register, swipe a credit card or provide a customer a sales receipt, you are handling information that must be protected. ***l /p***r ***l br/***r ***l /text***r ***l feedback***r ***l /feedback***r ***l audio***r ../assets/12_4_2.mp3***l /audio***r ***l /dialogue***r ***l dialogue person='Dave'***r ***l text***r ***l p***r I always figured security was someone else's responsibility.  ***l /p***r ***l br/***r ***l /text***r ***l feedback***r ***l /feedback***r ***l audio***r ../assets/12_4_3.mp3***l /audio***r ***l /dialogue***r ***l dialogue person='Learning Advisor'***r ***l text***r ***l p***r As a person who handles sensitive information every day, security is your responsibility. If you are ever unsure if the information you are handling is confidential, assume it is.
***l /p***r ***l br/***r ***l /text***r ***l feedback***r ***l /feedback***r ***l audio***r ../assets/12_4_4.mp3***l /audio***r ***l /dialogue***r ***l dialogue person='Learning Advisor'***r ***l text***r ***l p***r Consider yourself an information security guard, following secure practices and keeping a watchful eye on the information around you.***l /p***r ***l br/***r ***l /text***r ***l feedback***r ***l /feedback***r ***l audio***r ../assets/12_4_5.mp3***l /audio***r ***l /dialogue***r ***l dialogue person='Dave'***r ***l text***r ***l p***r Okay, that makes sense. But what exactly are my responsibilities?***l /p***r ***l br/***r ***l /text***r ***l feedback***r ***l /feedback***r ***l audio***r ../assets/12_4_6.mp3***l /audio***r ***l /dialogue***r ***l dialogue person='Learning Advisor'***r ***l text***r ***l p***r You are responsible for conducting secure transactions whenever you handle a credit card.  If you suspect the information you work with may be at risk, you should take action according to your employer's policies and procedures.  Finally, it is your job to use security best practices every day.  ***l /p***r ***l br/***r ***l /text***r ***l feedback***r ***l /feedback***r ***l audio***r ../assets/12_4_7.mp3***l /audio***r ***l /dialogue***r ***l /speech***r ***l titleBox***r ***l instrTitle***r Conversation: Who Is Responsible?***l /instrTitle***r ***l feedTitle***r Learn to Become an Information Security Guard***l /feedTitle***r ***l /titleBox***r ***l /root***r ***l activityAudio***r ***l instructionAudio***r ***l /instructionAudio***r ***l feedbackAudio***r ***l /feedbackAudio***r ***l /activityAudio***r ***l altTags***r ***l closeAlt***r ***l /closeAlt***r ***l instructAlt***r ***l /instructAlt***r ***l submitAlt***r ***l /submitAlt***r ***l playPauseAlt***r ***l /playPauseAlt***r ***l muteUnmuteAlt***r ***l /muteUnmuteAlt***r ***l replayAlt***r ***l /replayAlt***r ***l stepPrevAlt***r ***l /stepPrevAlt***r ***l stepNextAlt***r ***l /stepNextAlt***r ***l restartAlt***r ***l /restartAlt***r ***l feedbackCloseBtnAlt***r ***l /feedbackCloseBtnAlt***r ***l /altTags***r ***l instructionBtnText***r Instructions***l /instructionBtnText***r ***l beginBtnText***r Begin***l /beginBtnText***r ***l feedbackCloseBtnText***r Close***l /feedbackCloseBtnText***r
5 / 9
Section Objectives

By the end of this section, you will be able to list information security best practices for sales associates.

Topics

  • Secure Transactions
  • Take Action
  • Use Best Practices

6 / 9
***l imageTermWidget***r ***l widgetTitle***r ***l /widgetTitle***r ***l activityInstructions***r ***l p***r ***l b***r Instructions***l /b***r ***l /p***r ***l br/***r ***l p***r ***l i***r Click on each image to learn more about secure practices for credit card transactions.***l /i***r ***l /p***r ***l br/***r ***l /activityInstructions***r ***l pageContent***r ***l p***r ***l i***r ***l b***r Remember***l /b***r , credit card information should always be handled according to any procedures established by your employer.  If you are unfamiliar with or unsure of your credit card handling process, talk to your manager.***l /i***r ***l /p***r ***l br/***r ***l /pageContent***r ***l imageItem***r ***l itemImage***r ../assets/creditcards_term.png***l /itemImage***r ***l itemText***r ***l /itemText***r ***l contentArea***r ***l text***r ***l p***r Always check the signature on a credit card when processing a transaction.***l /p***r ***l br/***r ***l /text***r ***l image***r ***l /image***r ***l audio***r ***l /audio***r ***l /contentArea***r ***l /imageItem***r ***l imageItem***r ***l itemImage***r ../assets/handing_term.png***l /itemImage***r ***l itemText***r ***l /itemText***r ***l contentArea***r ***l text***r ***l p***r Be sure to hand the credit card directly back to the customer.***l /p***r ***l br/***r ***l /text***r ***l image***r ***l /image***r ***l audio***r ***l /audio***r ***l /contentArea***r ***l /imageItem***r ***l imageItem***r ***l itemImage***r ../assets/write_term.png***l /itemImage***r ***l itemText***r ***l /itemText***r ***l contentArea***r ***l text***r ***l p***r Do not record any information from a customer's credit card unless a specific process exists for that situation.***l /p***r ***l br/***r ***l /text***r ***l image***r ***l /image***r ***l audio***r ***l /audio***r ***l /contentArea***r ***l /imageItem***r ***l imageItem***r ***l itemImage***r ../assets/safe_term.png***l /itemImage***r ***l itemText***r ***l /itemText***r ***l contentArea***r ***l text***r ***l p***r Credit card receipts should be stored in a secure location such as a safe, cashier drawer or lock box.***l /p***r ***l br/***r ***l /text***r ***l image***r ***l /image***r ***l audio***r ***l /audio***r ***l /contentArea***r ***l /imageItem***r ***l imageItem***r ***l itemImage***r ../assets/report_term.png***l /itemImage***r ***l itemText***r ***l /itemText***r ***l contentArea***r ***l text***r ***l p***r Receipts should be protected from unauthorized access.***l /p***r ***l br/***r ***l /text***r ***l image***r ***l /image***r ***l audio***r ***l /audio***r ***l /contentArea***r ***l /imageItem***r ***l instructionsBoxTitle***r Introduction***l /instructionsBoxTitle***r ***l briefInstructions***r ***l /briefInstructions***r ***l instructionsBtnText***r Instructions***l /instructionsBtnText***r ***l /imageTermWidget***r ***l activityAudio***r ***l instructionAudio***r ***l /instructionAudio***r ***l contentAudio***r ***l /contentAudio***r ***l /activityAudio***r ***l altTags***r ***l closeAlt***r ***l /closeAlt***r ***l instructAlt***r ***l /instructAlt***r ***l submitAlt***r ***l /submitAlt***r ***l playPauseAlt***r ***l /playPauseAlt***r ***l muteUnmuteAlt***r ***l /muteUnmuteAlt***r ***l replayAlt***r ***l /replayAlt***r ***l stepPrevAlt***r ***l /stepPrevAlt***r ***l stepNextAlt***r ***l /stepNextAlt***r ***l restartAlt***r ***l /restartAlt***r ***l /altTags***r
7 / 9

At times, being an information security guard can require more than a watchful eye and secure practices. If you suspect someone is accessing information they shouldn't, immediately contact your manager, supervisor or other responsible party to report any violations or concerns.

Be sure any action you take follows your employer's response procedures. If you are unsure what these procedures are, talk to your manager.

8 / 9
***l p***r You can incorporate simple steps in your everday routine that will create a more secure work environment.***l /p***r ***l br/***r ***l p***r ***l b***r Instructions***l /b***r ***l /p***r ***l br/***r ***l p***r ***l i***r Click the forward arrow to step through best practices.***l /i***r ***l /p***r ***l br/***r ***l p***r Ask to see identification of any service personnel working on credit card machines or registers.  Also, be sure your manager or supervisor is aware of the service call before the technician is allowed access to any device.***l /p***r ***l br/***r ../assets/badge.png***l p***r Do not share passwords for point-of-sale registers.***l /p***r ***l br/***r ../assets/lockgrey.png***l p***r Be alert for any unusual devices or unexpected changes on or near card swipe machines.***l /p***r ***l br/***r ../assets/warning_triangle.png***l p***r Be alert for any cardholder information on paper or other media left out in the open or otherwise unattended.  Again, be sure to report any suspicious behavior to your supervisor or manager.
***l /p***r ***l br/***r ../assets/sheets1.pngIntroduction InstructionsFeedbackResume Activity
9 / 9

Congratulations! You have completed the Secure Practices for Retail Associates lesson. The Security Awareness Education (SAE) Portal tracks the completion of the lesson and unlocks the next lesson in the course.

To move on to the next lesson, click Exit in the top right navigation bar of this screen to return to the SAE Portal. Then, follow the directions you learned in the Course Navigation lesson to return to the Course Menu page, where you may select the next activity from the list.