TECH INTELLIGENCE: Protect the till

How to keep your point-of-sale system on point

Carl Mazzanti//October 28, 2024//

Point of sale

PHOTO: DEPOSIT PHOTOS

Point of sale

PHOTO: DEPOSIT PHOTOS

TECH INTELLIGENCE: Protect the till

How to keep your point-of-sale system on point

Carl Mazzanti//October 28, 2024//

Listen to this article

Point of sale (POS) systems are great for retailers and customers since they enable consumers to easily make purchases with the swipe of a card. A POS system can also automatically update your inventory count to show that the item is sold.

Carl Mazzanti
Mazzanti

But that convenience can come with a price: security breaches. Well-publicized hacks include one at clothing retailer Forever 2, where bad actors reportedly had access to customers’ payment card data for up to seven months, and at the quick service restaurant chain Wendy’s, which reportedly compromised POS systems at more than 1,000 locations. An experienced provider can help retailers set up robust defenses against these and other threats.

POS and other cybersecurity breaches are more than a nuisance. They can damage a retailer’s brand, eroding consumer trust; and they can also lead to significant monetary costs. Wendy’s, for example, settled its POS breach for $50 million.

One way to keep your POS system secure involves segmentation, operating it on a separate, protected subnet that is separate from other network functions, such as email and non-POS related applications. If the POS is attached to enterprise resource planning, inventory, or finance systems, use application gateways to ensure the POS is protected.

Ensure that your POS systems have a firewall or proxy installed for protection and deploy an appropriately configured intrusion prevention system.

Encryption is another safeguard. Encrypting sensitive information, like customers’ credit card numbers, will enhance the security of your POS system since it ensures that even if hackers get into your system, they cannot do anything with the information they obtain.

Use antivirus software. Just as such software can help safeguard your computer, it can also keep your POS data safe.

Implement and enforce a strict application whitelisting policy, where tools or applications must be vetted and approved before being connected to your system. And record and change the default settings of any POS hardware and software, including default passwords.

Keep up with updates

Outdated software is a leading cause of security vulnerabilities. Cybercriminals are always on the lookout for weaknesses, and outdated systems are prime targets. Automated software patching, also known as automated patch management, refers to the use of software to automatically update software, operating systems, and firmware in a timely fashion.

Automating your software updates ensures that you download patches that fix security flaws, which can help protect sensitive customer data and maintain the integrity of your transactions.

Implement and enforce policies requiring robust passwords for your network. They should be difficult to guess (do not use your birthday, your home address, or your dog’s name, for example), changed periodically, and not shared. And do not let your customers access your network.

Set up two-factor authentication. Also known as multifactor authentication, MFA is a layered approach to securing data and applications, where a user must present a combination of two or more credentials to verify their identity before they can log in to the system.

MFA enhances security, since even if one credential becomes compromised, unauthorized users will be unable to meet the second authentication requirement — and they will not be able to access the targeted physical space, device, network or database.

The Payment Card Industry Security Standards Council oversees standards that companies must follow when they accept credit cards. PCI DSS compliance standards include eliminating cardholder information whenever possible so there is less data for hackers to find.

Employees should also be educated about POS system safety. In addition to emphasizing the importance of strong, unique passwords, explain the need to log out of the POS system when it is not in use. Employees should also be trained to safeguard the POS terminal from unauthorized access, and they should be vigilant about their surroundings. Teach them how to avoid phishing schemes and protect login information.

Retailers typically process a high volume of credit card transactions, so you will continue to be a prime target for bad actors. But merchants who work closely with a cybersecurity provider can set up effective defenses that will help to protect them against data-swipe and other information thieves.

Carl Mazzanti is president of eMazzanti Technologies in Hoboken, providing IT consulting and cybersecurity services for businesses ranging from home offices to multinational corporations.