How to Ensure Your POS System is Secure This Holiday Season
As a retailer or small business owner, your main concerns during the holiday season used to revolve around optimized floor plans, adequate inventory, internal theft or incorrect change.
Times have changed, and various threats have boiled to the surface, especially as cash is almost all but forgotten and digital payment methods are the new normal.
Modern technology has introduced a host of challenges to the industry. Rather than losing $10-$15 due to poor math skills or petty theft from the analog register, valuable customer credit card information could fall into the wrong hands and lead to costly fines from legal action. Modern solutions are vulnerable to internet connectivity loss, cyber threats and various other concerns.
What risks do retailers and small business owners face this holiday season and how can you stop cyberattacks? Let’s break it down.
Why You’re Vulnerable
Today’s point-of-sale (POS) systems are modern computers. All require an internet connection to function and transfer transactions and payment information over the same network. While this may seem like standard procedure and business owners pay it little attention, major threats can arise. For example, what if a cybercriminal is monitoring that network? Or malicious software is on the POS system itself? Unfortunately, malware can go undetected for months on end and gather the sensitive information passing through.
Picture contacting every customer who has made a purchase over the past few months and informing them their information was breached while shopping at your store. Consider the impact this may have on your repeat business, reputation and, ultimately, your profitability.
While internet connectivity and modern technology are much more efficient than legacy forms of communication, any dropout in service can be debilitating. A POS network failure means no card transactions, which could also mean no sales as many consumers no longer carry cash.
How to Help Prevent Cyber Attacks
When evaluating how to prevent cyber risks such as malicious malware during the holiday season, POS systems should be one of your top concerns. Luckily, there are best practices you can implement to mitigate threats.
Similar to most computers, POS machines have USB ports. Have you ever been in a situation where a cashier is charging their phone in the port while they process your transaction? Phones can act as a Trojan horse for viruses, even if the cashier has no idea it’s happening. Devices plugged directly into the machine can bypass firewalls or other network protections. You spent time and resources protecting the front end of your network, only to be taken down by a part-time employee unknowingly bringing in a dangerous program. Start your journey toward better cyber hygiene by enacting a policy to restrict this activity.
While we’re on the topic of firewalls, a common misconception is that internet service providers offer a firewall through the router or other anti-virus software. While this may be true, neither option fully restricts or monitors network traffic. The more protective layers a system has, the more effective it can be in slowing down or stopping hackers. Cybercriminals change their approach every minute to break down standard router firewalls’ efforts. However, more advanced solutions offer intelligent network analytics that can better protect your whole network. Zero-day hacks are programs or techniques that have never been used before, making them incredibly difficult to recognize. True front-end protection can analyze patterns to stop a zero-day attack on a business.
In a year ripe with challenges, don’t bog yourself down worrying about your POS system’s security this holiday season. Instead, take the necessary steps now to mitigate the risks outlined above and choose a system that protects your business from evolving threats and provides the ability to run your network more efficiently.
Eric Talley is commercial manager of network solutions at STANLEY Security, a provider of integrated security solutions.
