It’s no secret that the shift to EMV (Europay, Mastercard, Visa) has left many merchants still scrambling to comply following the October 1 implementation deadline. While that’s getting headlines during the holiday season, merchants should not forget that major breaches can threaten not just individual transactions at the POS, but rather a wide range of sensitive corporate information, any of which can tarnish the future of an entire brand. Developing an extensive security strategy that addresses the broad range of possible attack vectors and targets is the only way to ensure comprehensive protection of the company’s reputation.
Today’s hackers have a catalog of methods to monetize your corporate assets, each of which can severely impact the victim organization’s privacy, customer trust and ability to operate – even to the point of potentially putting a company out of business – and can cost millions of dollars in damages (just think of high profile attacks such as those on Sony, Home Depot, Target, T-Mobile, etc.).
The reality is: It’s only a matter of time until any organization experiences some sort of serious security attack, if it hasn’t already. And, it’s not enough to just meet compliance requirements; you need to understand your security risks by identifying what information assets have value to hackers, be prepared to protect those assets to prevent unauthorized access, and isolate and respond to threats as soon as they appear. If you can’t quickly respond, you risk significant damage and loss of customers.
So while it is important to deliver on EMV (and PCI compliance, an entirely different thing many merchants still confuse with EMV) – what’s most important is developing a true, multi-layered security strategy. This includes threat monitoring and detection, firewalls, endpoint management, secure remote access, secure WiFi, and more.
- Identify valuable information assets across the company. A major part of the security battle is knowing what the crown jewels are and where you might be exposed or out of compliance.
- Implement firewall and intrusion prevention solutions. Managed firewall in the cloud or on your premises helps protect your vital business data, customer records and proprietary information.
- Safeguard your company’s most valuable assets with security monitoring. 24/7 advanced security monitoring can help detect today’s threats before they become tomorrow’s headlines.
- Prevent breaches by implementing secure remote network access solutions, proactive server patching, and industry leading malware protection.
- Select a secure in-store WiFi solution that offers your customers an in-store experience that enhances their relationship with your brand but that safeguards your own infrastructure and data.
- Educate your employees. Hackers often send phishing messages to unsuspecting employees who then click on a malicious file or link that installs malware that is remotely controlled by the hackers. Make your employees aware of these risks.
Above all, one of the best security strategies includes working with trusted technology partners/providers to be sure you cover every possible angle. It can’t be overstated that IT security teams must be provided with adequate resources, both human and financial, in order to effectively safeguard your network – all without diverting valuable time from the revenue-generating applications your company still requires.
* This is Part 1 of a multi-part series that will address a number of aspects of evaluating, implementing and maintaining security efforts in the enterprise.
Safeguard Your Information and Delight Your Customers with EarthLink
Actively protect your network from breach attempts and provide a better customer experience while also gaining greater visibility into the behaviors that are driving this massive change into the digital age of shopping.
[Photo credit: bizjournals.com]