Tuesday, August 4, 2015

BUYA SMASHES ALL TIME SALES RECORD FOR SINGE DAY - $29,070.20

It's like Christmas selling season everyday with Bravo.

Bravo eCommerce yesterday has its biggest day with 529,260 advertisement impressions, 7,337 new customers, 18,002 page views, closing $29,070.20 in sales.

BUYA.COM currently has 152 stores across 40 U.S. states selling 150,000 items interactively live throughout these locations.  BUYA is in the top 16k most poplular website in the United States.

Sign up for free to try out the Buya Trading exchange - click here to join over 690 other business, acquiring merchandise from customers.

Also, PawnMaster single store users can switch to BRAVO for FREE.  Contact Michelle to learn more about this exclusive offering.  michelle@bravorevolution.com



What makes Bravo unique is the seamless integration of eCommerce with Pawn.  It is a lot of work to sell online.  And some of you have had to add extra employees to get this done.  With Bravo you don't need extra employees to sell online.  Its that simple! 




There is no reason today why you shouldn't have the best technology and processes, give us a call or email, we would love to show you.

Steve Mack

bravopawnsystems.com

888.408.6287

michelle@bravorevolution.com

Wednesday, July 15, 2015

National Pawnbrokers Association Convention 2015 - Data Security !



NPA - National Pawnbrokers Association RECAP 2015

OFFICIAL VISIT FROM THE PRESIDENT OF NPA, LARRY, AND SECRETARY OF NPA, TIM, HIGHLIGHTS PAWNBROKERS AND THEIR CUSTOMERS DATA SECURITY.

What a joy to see the leadership of NPA stop by Bravo Pawn Systems to discuss with me Customer Data and ATF Cloud Data requirements.  Customer privacy is a number one priority today for all businesses.   I have been blogging for the last 4 years about data security and the fiduciary responsibility Pawnbrokers assume when conducting a loan transaction.  Negligence not using best business practices to protect customers’ data today could cost you your pawn business.

As the United States Government Human Resource center lost 22 million U.S. Government Employee records last month, the Head of the Department, Ms. Archuleta stepped down this week.  By the way, the data was not in the Cloud, it was on premise.  Nearly all of data breaches today are on premise.  Nearly all data catastrophes and breaches are onsite and are employee related physical breaches. These onsite servers and internal networks designed in the 70’s thru the 90’s were designed before the Internet.

Bottom line, the business owner is becoming more financially liable each day as data simply becomes valuable and worth stealing.

Pawnbrokers, who acquire personal information from customers, are responsible for protecting customer information.  You have a legal responsibility.  You have a fiduciary responsibility.  Read more: Gramm-Leach-Bliley Act – Click here.

All businesses today are responsible for their customers’ data.
Those of you that don’t use systems to transact, have the most risk. 
 
The all paper pawnbrokers.  The common method to protect your customer’s identity is to Shred every piece of the paper after the various required holding periods.  Best practice also suggests shredding all trash.  You are required to protect any customer information in a protected environment.  All ATF records must be stored in a safe, protected environment for the life of your business.  The ATF licensee has a fiduciary and legal responsibility to protect the government records.  Make sure you keep up with the latest ATF requirements on how and where to store these records.

Those of you that use in-store servers with the most commonly used Pawn Software available today are not encrypted and not protected. 

Pawnbrokers that use server based systems have a fiduciary and legal responsibility in protecting your customer’s data.  This old legacy infrastructure was not designed for the Internet and today’s cyber criminals.  You are responsible and financially liable.  Any Pawnbroker that is using the internet on any of their terminals is exposing customer data through the in-store network.

Most of you backing up your data are not encrypted.  It is imperative to be knowledgeable about what physical location your data is being stored, how it is encrypted, and whether it is located in the United States.
This also includes the protection of your physical computer server.  Again, like paper with customer data, your server is required to be in a locked, secured, and environmentally protected environment. You are required to keep up with data center best practices to protect your customer data.

On a technical note.  You are required to protect your servers from outside intrusion.  Meaning firewalls, data encryption, software intrusion protection.  This should be maintained at least quarterly.  A qualified SA, Systems Analyst, can be utilized to put together a plan for you.

In the old days, 5 years ago, most business were solely focused on their systems performing business requirements to run their business reliably.  Today’s focus must be the protection of your customer data.

Data Center – What are they?  Why should you consider?

Data Centers have been around for 40 years.  Today’s data facilities offer the space and expertise needed to comply and accommodate today’s businesses that use computers to run their business.  They simply became useful and popular because businesses needed a place to put their computers in an environmentally controlled environment.  This was a warehouse with power, air-conditioning, and supported a dry fire retardant system.  Building these environments on premise became very specialized and required specialized personnel. Computer systems, networks, and internet service continue to change so fast that housing requirements for all of these were becoming more and more important and hard to keep up on.  A whole new industry evolved and now most companies host and locate their servers in a NAP.   

A NAP is security rated by an industry term called Tier 1, Tier2, Tier 3, and Tier 4.  Tier 4 facilities are the most secure Data Centers in the World and only 4 exist today.  One of these four is located in Las Vegas – the SUPERNAP – click here.

Sticking your server under a counter, back room shelf or in a closet is considered negligent today.  Today’s businesses are expected to protect their hardware using this best practice.  I have also seen that if you look at the fine print of your business insurance policies, this provision is being expanded. 
 
Then the Internet came around and created a new paradigm.  The Cloud.

Cloud - Computing and Data Storage.
 
Cloud Storage and Computing.  What is it?  Is Cloud Computing different than Cloud Storage?  Where is the data?  What is the Public Cloud?  What is the Private Cloud?  What is Napster?  What is the server in your store?  Could your computer server in your store be a Cloud?  What is data encryption?  Do all computers systems encrypt data?

The Cloud.  

Do you remember Napster? It was a music sharing service.  If you signed up and put your music on your computer, others could get to it, and you could get to others.  Millions of people signed up as the perfect cloud storage network was formed.  You requested a music download and somewhere on someone’s computer a song would down load to your computer from anywhere.  This spawned an inter connectivity computing and data storage revolution along with the Internet.  From this the Public Cloud was formed.  

Public Cloud.  

Most people believe this is “The Cloud”.  This is a bunch of computers and storage devices that may interconnected everywhere or could be just one location.  Essentially anyone can borrow computing power or storage from a data center or someone’s computer, anywhere in the world.  In order to use a Public Cloud you could be just one tenant to use a facility, or you could be one of millions of tenants using the facility.  Any type of business can use these shared services.  One company’s Public Cloud service often utilizes other Public Clouds services.  These are commonly called shared services.  The underlying connectivity of these services play an important role as well.

Most U.S. Public Corporations do not use the Public Cloud.

Private Cloud.  

Most Pubic Corporations use the Private Cloud.  Private Clouds are generally a specific physical data center location and may be connected to other specific data center locations.  These data centers are generally located in a NAP.  But many can be located at any type of location, even your home.  Only specific users can utilize the computing resources and storage of a Private Cloud.

The private cloud is a highly controlled environment not open for public consumption. Thus, a private cloud sits behind a firewall. The private cloud is highly automated with a focus on governance, security, and compliance.

At this year’s NPA convention I heard that some Pawnbrokers are using one single server in one of their stores for a number of their other store locations.  This is technically a Private Cloud.  By the way, the new ATF Cloud regulations apply to those that are using this method.

Hybrid Cloud.1
 
A hybrid cloud is a combination of a private cloud combined with the use of public cloud services where one or several touch points exist between the environments. The goal is to combine services and data from a variety of cloud models to create a unified, automated, and well-managed computing environment.

Combining public services with private clouds and the data center as a hybrid is the new definition of corporate computing. Not all companies that use some public and some private cloud services have a hybrid cloud. Rather, a hybrid cloud is an environment where the private and public services are used together to create value.

A cloud is hybrid:
·         If a company uses a public development platform that sends data to a private cloud or a data center–based application.
·         When a company leverages a number of SaaS (Software as a Service) applications and moves data between private or data center resources.
·         When a business process is designed as a service so that it can connect with environments as though they were a single environment.

In my 30 years of system development, including an expert understanding what The Cloud is, I have found that an overwhelming number of “Cloud” definitions exist. My meeting with the NPA executives was only 15 minutes, but scratching the surface with these representatives was a good start and we welcome this conversation because this topic is a number 1 priority.