Is Your Company At Risk For A Security Breach?

Digital Security
December 16, 2015 Retail Kevin Beasley

The height of the holiday shopping season has arrived and, according to the National Retail Federation, an estimated 135.8 Million shoppers will be making purchases online and in stores. As shoppers are busy purchasing gifts, it’s the responsibility of the retailer to protect its shoppers from any security breaches. As a retailer, have you stopped to wonder how safe and secure your technology infrastructure is to prevent such attacks from occurring?

Data security breaches are at their highest during the holiday season and these breaches can negatively affect holiday shopping and decrease revenue. A top priority for retailers should be to protect customer data, and by doing so, make customers feel secure when shopping. Since consumers are focused on getting exactly what they need when they need it, it is up to retailers to worry about what happens behind the scenes. According to PWC, 79% of shoppers will purchase gifts using a personal computer and 12% will shop on the go with their mobile devices, making millennials a higher target for attacks than shoppers over 35. (Source: PricewaterhouseCoopers 2015 Holiday Report)

With today’s security risks, it is highly recommended that retailers focus on consumer security concerns; no longer can security and compliance not be a top priority for your business. For the same reasons you have an alarm system or fire protection, you should also protect your business from Advanced Persistent Threat(s) (APT) attacks.

First, to protect your business, have a security and disaster recovery plan in place. Assemble the appropriate team members and discuss what your team will need to do in order to keep the business up and running in the event of a business disruption. The reality is, if your information system is breached or disrupted by a weather-related disaster such as flooding, or human attacks such as malware or a hack attack, you can still perform daily business operations if you have a disaster recovery plan for your business. Make sure your plan includes identification of the attack along with knowing the location of all entry points. It is crucial for your business to document all technical information such as the makes, models and passwords of all company equipment. This information should be updated regularly as new equipment is added to your inventory, and older products become outdated

Secondly, plan to test. Testing will exploit any weakness in your code and applications. All operating systems on all servers, desktop, mobile and infrastructure equipment need to be current. Best practices require completion of tests after major application releases and although cloud offerings have made the services much more accessible, they still require significant investment. The best time for testing is right before the holiday season, because you do not want a test failure to cause you a slowdown during the busiest time of year.

Third, is to make sure your business is up to date with EMV (EuroPay, Master Card, Visa) Credit Cards processing and PCI Compliance.  EMV provides a standard worldwide interaction between smart cards and payment devices, the new chip-based cards make payment processing more secure for consumers and merchants, according to VAI’s Chief Information Officer, Kevin Beasley. The EVM chips are used to identify cards to the credit card processors and the Card Validation Methods (CVM) such as a signature or pin to identify the consumer using the credit card to secure against fraudulent transactions as counterfeit, previously skimmed, or stolen cards.

With new technologies emerging every day, shopping as a consumer becomes easier and easier. Consumers do not even need to make eye contact when making purchase; they can simply hit the ‘buy now’ button on their mobile devices. The life of a consumer is on the go, making purchases whenever and wherever is convenient for them.  With a world filled of new advances, shoppers do not normally think twice when it comes to the back end of purchases. That’s where a retailer’s responsibility comes in because protecting the relationships with your customers, means protecting their information from unwanted attacks.  According to the National Retail Federation, building and maintaining trust with consumers is a challenge and one that retailers must tackle head on. Retailers should invest significantly in technology that not only provides value to customers but also protects them from fraud and data theft.


Kevin Beasley

Chief Information Officer

Comments