By : Kenya Husband
June 10, 2015 08:00 PM
Data breaches have rocked the retail industry over the past year, serving to remind us of how important it is to secure our data. Lenny Zeltser, Product Management Director, NCR, will be joining our exciting speaker line-up at NCR Synergy 2015 and will be discussing How Hackers Get into Retail Businesses & the Steps You Can Take to Strengthen Your Security Posture.
It is very difficult in our hyper-connected age for a retailer to completely safeguard against a security breach. Retail systems hold extremely valuable information that hackers can make millions from on the black market. The challenge is that these environments are complex and can be hard to defend from intruders. The defenders of this data, the IT professionals, have difficulty determining where to focus time and money to keep up with the constant demands of system security. In addition, the ROI associated with avoiding a security breach, which could run to millions of dollars, is difficult to justify to management. There are however, practical measures that can help protect retail environments.
How are these attackers unlocking retailers systems?
If you look at the large number of breaches in the last couple of years, there are several common entry points, including the following:
1. Maintaining current software versions with consistent patching
It can be a daunting task to routinely update the software in your endpoint environments, but doing so can drastically decrease your exposure to an exploit that might allow malware to find its way onto your systems. Patch management allows organizations to address the security vulnerabilities that software vendors fix to make systems harder to compromise. Although deploying patches and updates across different locations and systems takes time, such actions drastically improve security.
2. Enabling remote administrative access
Companies need to enable remote access to the retail environment to maintain POS and other systems that reside there. Intruders who manage to gain access to legitimate users’ logon credentials can access sensitive systems in a way that can be difficult to discover. People naturally select passwords that are easy to remember, but that means they are also easy to guess. Therefore, it’s important to not only look out for unusual access patterns, but also to enable two-factor authentication for accessing retail networks.
3. Updating your firewall practices to segment traffic
Organizations have been deploying network firewalls for years. Yet, many firewall configurations focus solely on restricting access from the Internet. Today, that’s not enough. Firewalls should be used to segment the retail environment into multiple networks, based on those networks’ security requirements and the type of data they process. The firewall should restrict how these internal “subnets” can talk to each other. This way, even if one of them gets compromised, the attacker has to work extra hard to get into another network. Moreover, companies need to examine how they use firewalls to restrict outbound access from the retail environment. If we assume that a motivated attacker will eventually get in, this configuration can make it harder for the intruder to get stolen data out.
4. Applying additional layers of endpoint security such as whitelisting is proving essential
While antivirus is considered a foundational element to securing endpoints in retail environments, organizations should look to application whitelisting to strengthen their malware defences. Whitelisting locks downs the point-of-sale endpoint environment by only allowing those applications that you’ve approved to run on the device. This helps prevent any intentional or unintentional detrimental changes to the system.
5. Unintended compromise, keeping staff informed of safe practices
An endpoint device or PC can be easily unintentionally and indirectly put at risk by an unknowing employee surfing the Internet and coming across an infected website or opening a malicious email. An exploit kit may have been installed on the website, providing a gateway into the employee’s system. Once the adversaries have access they can easily spread through the retailer’s point-of-sale environment from the corporate network. This highlights the importance of staff training, network segmentation, as well as consistent software patching of corporate systems.
Can you quickly improve your security?
Don’t be paralysed because the tasks are overwhelming. There are easy ways to address the fundamentals. The three simple techniques below focus on what you can do today to raise the bar in a meaningful way and help avoid the breaches that have affected many retailers over the past year.
Find out more by attending the session “How Hackers Get into Retail Businesses: Steps You Can Take to Strengthen Your Security Posture” at NCR Synergy 2015, June 22-25, Orlando.
Additional contributions to this article were made by Lenny Zeltser, Product Management Director, NCR.