Point of sale (POS) systems are helpful for both retailers and customers. They let consumers make purchases easily by swiping a card. A POS system can automatically update your inventory count to reflect the sale of the item.
But that convenience can come with a price: security breaches. Some well-known hacks include one at the clothing store Forever 21. Here, hackers had access to customers’ payment card data for up to seven months.
Another hack happened at Wendy’s, a fast-food restaurant chain. This breach affected point-of-sale systems at over 1,000 locations. An experienced eMazzanti professional can help retailers set up robust defenses against these and other threats.
POS and other cybersecurity breaches are more than a nuisance. They can damage a retailer’s brand and erode consumer trust, and they can also lead to significant monetary costs. Wendy’s, for example, settled its POS breach for $50 million.
Taking Proactive Steps Now Can Save a Lot of Grief Later
One way to keep your POS system secure is by using segmentation. This means running it on a separate, protected subnet. This subnet should be different from other network functions, like email and non-POS applications. If the POS connects to resource planning, inventory, or finance systems, use application gateways to keep it safe.
Make sure your POS systems have a firewall or proxy for protection. Also, use a well-configured intrusion prevention system (IPS).
- Encryption is another safeguard. Encrypting sensitive information, like customer credit card numbers, improves your POS security. It ensures that even if hackers access your system, they cannot use the information they steal.
- Antivirus software. Just as antivirus software can help safeguard your computer, it can also keep your POS data safe.
- Implement a strict application whitelisting policy. Tools or applications must be checked and approved before connecting to your system.
- Record and change the default settings of any POS hardware and software, including default passwords.
Do Not Neglect Updates
Outdated software is a leading cause of security vulnerabilities. Cybercriminals are always on the lookout for weaknesses, and outdated systems are prime targets. Automated software patching is one solution: it reviews, validates and updates programs, operating systems, and firmware with patches or new releases in real time. Automating your software updates helps you download patches that fix efficiency and security issues. This can protect sensitive customer data and keep your transactions safe.
Passwords Matter
Implement and enforce policies requiring robust passwords for your network. They should be hard to guess — so do not use your birthday, home address, or your dog’s name. Change them often and do not share them.
Other measures
- Do not let your customers access your network.
- Set up two-factor authentication. MFA, or multifactor authentication, is a way to secure data and applications. It requires users to provide two or more credentials to confirm their identity before logging in.
- MFA improves security. If one credential is compromised, an unauthorized user still cannot meet the second authentication requirement. This means they cannot access the targeted physical space, device, network, or database.
Adhere to Industry Standards and Train Employees
The Payment Card Industry Security Standards Council (PCI SSC) sets rules for companies that accept credit cards. PCI DSS compliance standards include eliminating cardholder information whenever possible so there is less data for hackers to find.
Retailers should also teach employees about POS system safety. It’s important to use strong and unique passwords.
You should also log out of the POS system when you’re not using it. This helps keep your information safe. Train employees to protect the POS terminal from unauthorized access. They should also stay alert to their surroundings. Teach them how to avoid phishing schemes and protect login information.
Retailers handle many credit card transactions. This makes them a main target for criminals. But merchants who work with a cybersecurity provider like eMazzanti can create strong defenses. These defenses will help protect you from data theft and information thieves. Improving your security will mean less downtime due to bad actors, enhancing your operational efficiency and your reputation.