Johannesburg - Retail shops are frequent targets of cyber theft, but a secured buying experience is attainable with the right planning and technology, says Perry Hutton, Regional Director of Fortinet for Africa.
He said globally, the retail industry is among the top three industries to be targeted by cyber criminals.
Due to the sheer number of merchants accepting payment cards, the relatively low level of security and the many attack vectors available, the number of breaches is large and continuously growing.
The increasing use of mobile devices combined with the introduction of near field communication (NFC) wireless technology and applications such as augmented reality only serves to exacerbate the problem, he said.
Some of the most highly reported examples of cyber theft in the retail sector come from the US.
The breaching of merchants' in-store wireless networks, point-of-sale (POS) systems and credit card readers resulted in tens of millions of credit cards being compromised and the loss of personally identifiable information, in addition to financial losses for those merchants.
These large-scale incidents of cyber theft highlight the need for retailers to better secure their operations.
Modern retail security
Traditionally, retailers have been securing their stores by using either store-based routers with basic security functionality, or an overlay point security solution plugged into the store network, or a private WAN to bring all traffic back to the data centre for inspection.
Each of these methods has its drawbacks, either for lack of functionality, inability to scale or excessive costs.
Instead, retailers should take a closer look at each of the four primary building blocks of a secured distributed environment and take steps to address the particular issues faced by their organisation at each of these levels.
Access
As stores extend access to employees and consumers using mobile devices, ensuring secure access is critical.
Secure access control through rogue access point detection, authentication, guest WiFi services, rate limiting and load balancing is important.
Store
The individual store level requires security and connectivity for a wide variety of functions including WiFi, voice and traditional network connectivity.
With the addition of consumer connectivity, each store must also be able to provide security functions, such as anti-malware and application control.
Aggregation
This level is the destination for all data. Typically this is the retail headquarters.
Core security functions such as firewall, application control and VPN termination take place here.
Management
Given the widely distributed nature of modern retail establishments, the ability to centrally manage and quickly modify the various security appliances guarding the organisation is essential. Having a security platform across the enterprise will allow this to be done effectively.
As part of this more in-depth security strategy, retailers should closely consider their options for implementing a network security solution that is both comprehensive and cost-effective.
In order to address today’s complex in-store security, the requirements of a strong IT security solution should include:
High performance to improve customer experience
With the growing number of endpoints and applications as well as higher data volumes, each in-store network must provide high performance for continuous credit card processing and POS connectivity to maximize the customer experience and interaction.
High performance and low latency traffic flow is especially important during peak transaction periods.
In-Depth Defence for the In-Store Wireless LAN
In-store reps are increasingly being provided with wireless tablets to increase interactivity with customers, while some retailers are looking to differentiate services with wireless kiosks, flexible wireless digital signage and customer access through their own devices.
The security solution must thus be able to provide the same levels of security to the wireless and wired parts of the network.
Migration to lower-cost public networks
The adoption of low-cost superfast broadband connectivity to stores and/or the use of a secure VPN over the public networks provide lower-cost operational alternatives to private WAN networks.
However, leveraging public networks for store connectivity can expose retailers to additional security threats, so it is important that such connections are secure and that the encrypted traffic does not succumb to performance degradation when passing through the security devices.
Adoption of Innovative In-Store Services
The use of advanced technologies makes the retail environment more vulnerable to threats.
Support of cutting edge customer applications - such as the augmented reality applications used as customers move through the store and/or in-store Wi-Fi access to multi-channel retailing and loyalty schemes - will become commonplace in the next five years.
Security systems will have to scale to hundreds if not thousands of endpoints without incurring significant costs.
PCI-DSS Compliance support
With in-store networks carrying credit card transactions, PCI compliance requirements must be satisfied.
Security monitoring and rogue detection are explicit requirements in the PCI standard, so it is imperative that retailers are able to analyze user and device behaviour on the in-store network and respond to any threat.
Event logging, analysis and reporting capabilities are essential to enable firms to demonstrate compliance with PCI-DSS and other regulations.
- Fin24