Technology adds value to our business world in many ways, helping us work smarter, faster and more efficiently than ever before. It arms retailers incredible customer insights to drive marketing activities, streamlines inventory and stock control and helps optimise staff resources and service delivery. But as retailers embrace all the capabilities today’s point of sale (POS) technology offers, they may also open the door to cyber crimes that could stall or completely disable their business.
Cyber crime comes in many forms including phishing, system attacks and identity theft. But one of the most widely publicised is ransomware, a type of malware or malicious software designed to lock down or block access to your system until you pay a large amount of money. In May 2017 many retail POS systems were immobilised by the ‘WannaCry’ ransomware, which hit over 230,000 users in 150 countries worldwide. Ransomware like Wannacry can find its way into your POS in several ways, most commonly via a phishing email, infected website or malicious internet ad.
Retailers frequently protect their back-of-house computer systems with firewalls and antivirus software, but fail to apply the same safeguards to point of sale systems and the broader store network – potentially exposing sensitive company information, customer credit card data and personal details to cyber criminals.
The good news is that in addition to installing anti-virus software on your POS, there are a range of steps retailers can take to protect their business. Here are our top 6 tips for keeping your POS safe:
- Backup! Backup! Backup!
No matter what the type of data, back everything up regularly and make it a non-negotiable part of your store’s IT routine. Apply the same rule to every device from desktop computers and laptops to tablets and mobile phones, as they’re all susceptible to cyber attack.
If your data is backed up in the cloud, always log out of the cloud at the end of your session. If you are backing up to an external drive, make sure it’s unplugged to prevent hackers encrypting and locking your back up.
2. Isolate POS From The Network
Cyber criminals will often target your POS as a way to gain access to sensitive data stored in other parts of your network. Even with security measures in place your POS may still be vulnerable, so it’s essential to mitigate the risk to your broader business by keeping all credit card transactions contained to that one system and isolating it from the rest of the network with a firewall.
3. Keep Security Updated
Always install the latest POS software updates as soon as they become available. These updates often incorporate security patches designed to fix a weakness in the software that might expose you to attack.
It’s also vital to have a strong password different from the factory-set password used when the software was installed, which a hacker could easily find online. Change the password regularly and use at least 12 characters including numbers, upper and lower case letters and symbols.
4. Don’t Touch Anything Unfamiliar
One of the most common ways ransomware or other malware can enter your POS system is when a user clicks a link within a phishing email.
Avoid opening or downloading anything unfamiliar including attachments, text messages and apps. Hackers are becoming increasingly clever at imitating genuine content like password reminders or requests to update information so be on high alert and if in doubt, contact the organisation directly to verify the request.
5. Avoid Internet Browsing on POS
Like phishing emails, unsafe websites and malicious online ads put you just a click away from infecting the POS with a virus or malware. Many infections result from human error, particularly if a customer asks a user to look up additional information, or the user takes advantage of a quiet moment in trade to check their personal emails. As a general rule, any system that accepts credit card payments should not be used for internet browsing and vice versa.
6. Get Reputable IT Support
Even with dedicated internal IT resources, it can be challenging for retailers to keep their POS system secure. Having a third party IT specialist who can monitor your system full time is essential to keep your business safe.
If your POS system is infected, your IT specialist can step in to mitigate the damage and manage the repair process for you, leaving you free to focus on other areas of your business.
Today, POS technology enables retailers to serve their customers more efficiently and effectively than ever before. But like any technology, it also requires stringent security measures to keep business and customer data safe. Making the security of your POS system a priority will help you avoid costly downtime and the potentially devastating effects of fraud, identity theft and other cyber crimes.
If change and meeting your customers’ needs is a constant, doing nothing isn’t an option. Be sure you are partnering with a company with the depth and breadth of expertise you require. Particularly one who can help you navigate end-to-end managed services, cloud, mobile and paperless retail technology. GPK Retail consultant, Cordell Quaine, is available for a no obligation discussion on how GPK can help you reduce operational costs, manage your IT footprint more effectively and create an exceptional experience for your customers. Contact: Phone 1300 000 475 or email info@gpkretail.com.au for more information.