Omnichannel and digital transformation are the key drivers for retailers worldwide. The nimble shifts in business strategy, the varied transaction platforms, and complex back-end IT architecture means that retailers are challenged with the complexity of securing their business. A recent 451 research report supported this by finding that the number one issue for securing retail environments is complexity. The research further indicated that “lack of skilled security staff has been a consistent theme.” So, security is getting harder, the business is changing faster, but the skilled staff to pull all this together is not available.
Common Themes
Working with retail customers ColorTokens has identified the following themes:
- Lack of consistent configuration at the POS terminals (encryption may or may not be turned on)
- The absence of a simple solution for segmentation, AV cannot provide segmentation needed by PCI
- No comprehensive asset inventory of assets that stores, processes and transmits cardholder data
- AVs have high CPU consumption making POS unusable, to compound this challenge AVs have long update cycles and can make your security posture vulnerable to attacks
Part of the security challenges resides with how breaches occur. Generally, we have found that breaches start in one area and then laterally move to more sensitive areas. For example, a $25 Raspberry Pi can be used to “war walk/war drive” past retail outlets to see if unsecured connections can be found. This can happen if a “secured” WiFi network used for card data transactions have poor authentication or if guest WiFi and store operations WiFi networks are not properly segmented. This can lead to access inside the network and then allow the attacker to plant malware and later exploit the leak points. In some cases, we found malware that would selectively infect systems – to avoid obvious detection. Per a Ponemon research, a breach can go undetected for over 191 days, long enough to cause collateral damage to your retail business.
The Omni Channel Solution
Our solution for the retailers was to simplify the approach in a basic model of “Understand. Act. Audit.” How this works for retails is as follows:
- Provide visibility into the status and assets across retail and “back of the house” servers. This includes the datacenter application assets
- Define the policies and logical segmentation that is required (i.e. PCI DSS)
- Leverage real-time analytics and reports to audit any changes in the environment to strengthen processes or technology.
This has been our strategy successfully across American, Middle East, and Asian retailers in large part due to the simplicity of the deployment, operations, and actions the IT staff can take. Turns out people love to shop. And cyber attackers love to steal – even across borders.
To learn more about ColorTokens retail security, check out our dedicated retail page.
