The new 2015 Dell Security Annual Threat Report identified a number of startling concerns about point-of-sale breaches. It appears that breaches are only increasing in number, with more malware strains emerging and new breeds of programs being developed to attack POS systems.
"Everyone knows the threats are real and the consequences are dire, so we can no longer blame lack of awareness for the attacks that succeed," said Han Chon, director for security and endpoint systems management, Dell APJ.
However, protecting from POS breaches isn't an impossible mission. Retailers need to start employing these best practices to prevent more information from being compromised in 2015. Here are a few examples:
- Install better firewalls: Next-generation firewalls (NGFWs) go beyond the port/protocol inspection and blocking that traditional firewall offers. They also provide application-level inspection, intrusion prevention and intelligence from outside the firewall.
- Minimize mobile threats: Deploy full mobility security plans that include limitations on mobile devices, such as passwords, timeout requirements, software updates and policies against jail-broken devices. Also enact plans on the data level, by setting access levels for employees, automatically encrypting data and continually training workers.
- Deep-packet inspection: Deep-packet inspections on traffic, at every node and on every segment, can help automatically investigate anomalies in the system.
- Separate groups and zones: Separating groups prevents attackers who do gain access to the network from penetrating further into the system.
- Isolate POS systems: The POS system should be separate from the rest of your network and terminal activity should be restricted.
- Email security: Ensure you have an email security plan in place to block malware in spam and protect against phishing attacks. Make sure employees understand not to click unfamiliar links or open emails from addresses they don't recognize.
For additional security make sure your payment processing software is always up-to-date.