Let me ask you a question. How safe is your security position in your retail store? If you lock your doors and windows, then why not lock your network as well? Locking down your network does not mean you are slowing it down for legitimate use but rather, hardening it against attacks. Now might be time to take a look at how you are being protected. You may have an outside security provider you are working with, you may have someone on your staff that does this or you may be doing it yourself. In any event, starting the conversation with a security advisor and knowing the answers to these questions may give you the information to better understand the extent to which you are protected. Knowing about security is becoming as important as knowing accounting.
So, why are retail establishments such great targets for cybercriminals?
Your assets. Cybercriminals target your bank account because it is often protected behind flimsy safeguards. If you are doing your banking over the internet, you may need to consider additional defense measures to protect the information coming into and going out of your network.
Your customers. Customer credit card data continues to be a valuable commodity for cybercriminals to sell to others who commit credit card scam. The trend of millions of credit cards being stolen annually is going to continue until proper security measures are in place. Expect an increase in point of sale (POS) attacks as criminals try to get in before new chip and pin technology is adopted later this year.
Your employees. Employee information is quite valuable in compromising individuals as well as possibly providing an entry into the individual’s network of friends and family. Knowing employee information allows criminals to impersonate an employee to gain access to your network.
Your partners. You might be doing business with larger enterprise customers. Compromising your network may be an effective way to gain entry into the networks of your enterprise partners. The Target breach came as a result of a compromised partner with access to Target’s network. Expect your partners to be asking about how they are being protected.
Many smaller and regional retail establishments consider a firewall as an “install it and forget it” product. Cybercriminals are constantly improving their game to come up with new ways to take your money. Because of the dynamic nature of the threat surface, your security posture should also be dynamic. Asking questions is a great first step in starting your security conversation.
What questions should you be asking about your network security that will help you reduce your vulnerability to attack?
- How old is your firewall? If you’ve been using it for more than three years, you may not be keeping up with the technology necessary to keep out cybercriminals.
- Does your wireless network segment employees from guests? Keeping guest and employee data separate is a keystone of a secure wireless strategy.
- When was the last time you paid to renew your network security subscription? If you cannot remember, it might have lapsed leaving your network wide open.
- Have you changed your broadband subscription? Sometimes, your broadband speed is upgraded without changing your subscription. Is your firewall able to keep up with the faster speeds?
- Do you know if all the security protections are turned on for your network? It is a dirty little secret that someone may be turning off security to maintain or improve network performance. You may consider network performance more important than security; this is an unnecessary tradeoff when you can have both.
If you are answering yes to these questions, you may be vulnerable to a security breach that can cost you time, money, lost customers and your good reputation. The last thing you want is to have your name in the news because of a network security breach. Security is more than a requirement. By hardening your security posture, you can avoid the downside and turn security into a competitive advantage. “Safe surfing” may well be as valuable to your customers as discounted products.
There are many moving parts to consider when evaluating your security posture. Because no silver bullet exists, the best defense is one of several layers. If you want to understand security better and learn how you can develop a security blueprint for your business, I encourage you to download the white paper “How to prevent security breaches in your retail network.”