According to a recent report, retail is among the top five industries suffering the most from data breaches, with POS intrusions accounting for one in four breaches observed last year. Not surprising given the fact that retail systems hold extremely valuable customer information, making them an attractive target for hackers.
With the recent surge in high profile data breaches, retailers are acutely aware of the need to safeguard against a possible security breach. However, the reality is that in today’s hyper-connected age, it is increasingly difficult to stay a step ahead of every security threat. It can be difficult not only to know exactly where to focus efforts for the best result, but also to justify the associated ROI. There are, however, practical steps that retailers can take to improve their security measures so they are armed with practical solutions that enable them to be better prepared and ready to act before a threat arises.
How Can Retailers Respond To Increasingly Sophisticated Hackers And Attacks?
The complexity of retailer environments can make it difficult to defend from intruders. As theretailpaymentecosystem continues to evolve, so too do the methods adopted by cybercriminals.More than ever before, retailers must be proactive and diligent in staying up to date with the right security practices. In the simplest terms, protection will require a mix of the right technology, planning, and training.Keeping pace with the changingretailenvironment,retailersmust ultimately promote a strong infrastructure, a secure POS system, an in-depth IT strategy, and properly train employees to minimize data breach risks.
Before employing new security practices, however, it’s important for retailers to determine what actions are most appropriate for their particular organization based on the data they house. They must ensure they are keeping consistent inventory of the data they collect, store, and transmit as well as the existing technologies in place managing that data. By following the five practical measures outlined below, retailers can identify potential security gaps and common points of entry, track how data is moved, who has access to it, and learn how to keep it secure, both physically and electronically.
1. Maintain current software with consistent patching. It can be a daunting task to routinely update software across the entire retail IT environment, but doing so will significantly decrease exposure to a breach that might allow malware to find its way onto retailer systems. Patch management allows retailers to address the security vulnerabilities that software vendors fix to make systems harder to compromise. As the use of cloud computing continues to grow, the number of devices and computing assets connected online will multiply, increasing the need for more frequent patching across more devices. Although deploying patches and updates across different locations and systems takes time, such actions drastically improve security.
2. Enable secure remote access to retail systems. Retailers must enable remote access to their retail environment to maintain their POS and other systems. However, intruders who manage to gain access to legitimate users’ logon credentials can covertly access sensitive systems in a way that’s not always easy to uncover. It’s important that retailers not only look out for unusual access patterns, but also enable two-factor authentication for accessing retail networks. Retailers can also use application and system logs, for example, to spot anomalies in how legitimate users access systems, so they can detect when administrative access is being misused by attackers.
3. Update network firewall practices. Retailers have been deploying network firewalls for years, but today, that’s not enough. Many firewall configurations only focus on restricting access from the Internet, ignoring ways attackers can move information internally from one network to another and take stolen data out. Implementing firewalls to segment the retail environment into multiple networks based on each network’s security requirements and the type of data they process will restrict how these internal “subnets” can talk to each other and make it harder for an attacker to get into another network. Using firewalls to then restrict outbound access from the retail environment will help provide the added protection needed in today’s retail landscape.
4. Apply additional layers of endpoint security. While antivirus is considered a foundational element to securing endpoints in retail environments, organizations should look to application whitelisting — a method used to prevent unauthorized programs from running — to strengthen malware defenses. Whitelisting locks downs the point-of-sale (POS) endpoint environment by only allowing those applications that retailers approve to run on the device. Antivirus and application whitelisting create a layered security approach to protect the POS environment and are critical elements to help prevent any intentional or unintentional changes to the system that might cause damage.
5. Keep staff informed of safe practices. An endpoint device or PC can be easily unintentionally put at risk by unknowing employees surfing the Internet and coming across an infected website or opening a malicious email. Once an adversary has gained access through this gateway, they can easily spread beyond it and gain access across a retailer’s POS environment from the corporate network. As a result, it’s important to train staff on best practices and protocols for maximum security prevention. This also highlights the importance of network segmentation and consistent software patching of corporate systems to counter any threats that result indirectly from employee behavior.
KenyaHusbandis the Retail Services marketing lead for NCR Corporation.Sheis a marketing leader who believes in walking up the down escalator, going beyond conventional thinking and seeing beyond the current circumstance.Husbandenjoys infusing new thinking into her strategies as she relentlessly strives to curate brand and content experiences that truly matter to the audiences she serves. To learn more about NCR Retail Deployment and integration capabilities please visitNCR Retail Deployment Services.