… your Wi-Fi, security cameras, digital menu boards and other connections. If you want to enable managers to connect to the POS via Wi-Fi, connect them through a virtual LAN that separates authorized traffic into a security zone.
Two-factor password authentication. When permitting remote access to a network, it’s essential that this access is restricted and secure. At a minimum, access should only be granted to individual (not shared) user accounts using two-factor authentication and strong credentials. Remote-access activities should also be logged so that an audit trail is available.
Work with a professional managed security service provider (MSSP). Having a team of experts can help prevent the devastating impact of a breach by reducing the dwell time (the time between when an attacker compromises a network – minutes – and when the organization discovers the threat — typically months). This can be as inexpensive as $50 per month, per location.
SOC. As we saw with Home Depot, which paid $19.5 million to U.S. customers affected by the 2014 data breach, even the biggest companies can get overrun to filter all alerts. Consider setting up or hiring an MSSP that offers a security operations center (SOC) to do around-the-clock monitoring, evaluation and response of all security alerts 24/7. With the people, processes and platform to continuously look across the entire organization’s networks, servers, endpoints, applications and databases, professional expert knowledge is necessary to detect and dig into potential threats.
Encrypt credit-card data. If you have older POS equipment that sends raw credit-card data to a back-office server, it might be time to upgrade. Modern, secure POS systems encrypt credit-card data as soon as a card is swiped, and they immediately send that data to the payment processor without temporarily storing it. Double-check your POS system to make sure it complies with PCI standards.
Free evaluation of your risk. With stolen credit-card data value on the decline in the black market and the continued rise of ransomware attacks, retailers are particularly vulnerable to retail ransomware. Find out your risk level and revenue impact potential with a free security self-assessment.
This list might seem daunting, but working with the right security partner can make it very manageable and affordable. As a retailer, make the top priority of your New Year’s resolution list to take the right steps to avoid any potential of facing a cyberattack.
Aaron Branson, vice president at Netsurion, is a digital-marketing strategist with a focus on digital experience management (DXM) platforms, marketing automation and UX, along with a particular interest in cybersecurity evangelism. Catch up with him on LinkedIn or follow him on Twitter.
.@MicroCorp is targeting the "exploding" Southwest partner scene. goo.gl/fb/VFWJ6k
February 15 2019 @ 14:45:26 UTC