A Handy AVPS Guide to Point-of-Sale Security. Pt. I: Remote Access
In our current climate of “hackery” and security breaches, the number of alerts and advisories going out to companies like ours is on the increase. Many of these alerts contain valuable information, and we believe it’s essential to share it with our customers. By doing so, they can implement these suggestions and strengthen the security of their point-of-sale transactions and remote access, ensuring both their safety and that of their customers.
After recently receiving an alert from a major card issuer, we’ve decided to introduce a two-part guide. It aims to ensure that your payment systems, along with the electronic “chain of command,” remain secure amidst our ever-evolving digital landscape.
The Importance of Secure Remote Access
This week, we focus on the “remote access” part of that chain.
Common Tools and Potential Vulnerabilities
The industry offers numerous “remote access solutions” that retailers, particularly those with multiple points-of-sale, frequently employ for management and support. LogMeIn, PCAnywhere, VNC, and Microsoft Remote Desktop are prominent examples. These tools are beneficial when used appropriately, but if mishandled they can inadvertently offer the “backdoor” cybercriminals eagerly seek. The risk escalates significantly if these remote access applications don’t align with the Payment Card Industry Data Security Standard (PCI DSS).
How Cybercriminals Gain Access
Common examples of vulnerabilities that allow cybercriminals to gain access to your POS environment include:
- Remote access ports and services that are always “on” via the Internet.
- Outdated and unpatched software.
- Default or simple passwords.
- Use of common usernames and repeating passwords.
- Single-step authentication.
- Improperly set-up firewalls.
The Anatomy of an Attack
Essentially, as these vulnerabilities stack up, the attack pattern emerges as follows: Cybercriminals exploit compromised usernames and passwords, pairing them with remote management software left exposed on the Internet.
Drawing from recent POS attack trends, it seems likely that a single individual or group orchestrates many of these breaches. After gaining access to the merchant’s network, these cyber-intruders swiftly deactivate existing antivirus software and plant their malicious software, creating that aforementioned “back door” into the system.
In systems utilizing payment cards, the malware actively captures pertinent data. Subsequently, cybercriminals market this extracted information on various “black sites,” bundling and selling it to the highest bidder.
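The pattern described above (a remote login from outside the network, followed shortly by antivirus being switched off) is something a merchant can watch for in their own logs. The following is an added example, not code from AVPS or the card issuer's alert; the event names, field layout, internal address ranges, and 30-minute window are all assumptions, and the sample events are constructed.

```python
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network

# Assumed internal address ranges; replace with your own store/office networks.
INTERNAL_NETS = [ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
WINDOW = timedelta(minutes=30)  # assumed correlation window

# Constructed sample events: (time, host, event type, source address).
# External addresses below come from the reserved documentation ranges.
EVENTS = [
    ("2024-06-01T02:10:00", "pos-01", "remote_login", "203.0.113.7"),
    ("2024-06-01T02:14:30", "pos-01", "av_stopped", ""),
    ("2024-06-01T09:00:00", "pos-02", "remote_login", "10.0.0.5"),
    ("2024-06-01T09:05:00", "pos-02", "av_stopped", ""),
    ("2024-06-01T11:00:00", "pos-03", "remote_login", "198.51.100.9"),
    ("2024-06-01T15:00:00", "pos-03", "av_stopped", ""),
]


def is_external(addr):
    """True when addr lies outside every assumed internal range."""
    ip = ip_address(addr)
    return not any(ip in net for net in INTERNAL_NETS)


def find_suspicious(events, window=WINDOW):
    """Return (host, source, login_time, av_stop_time) for each antivirus stop
    that follows an external remote login on the same host within the window."""
    last_login = {}  # host -> (time, source) of the latest external login
    alerts = []
    for ts, host, kind, src in sorted(events):  # ISO timestamps sort by time
        when = datetime.fromisoformat(ts)
        if kind == "remote_login" and is_external(src):
            last_login[host] = (when, src)
        elif kind == "av_stopped" and host in last_login:
            login_time, login_src = last_login[host]
            if when - login_time <= window:
                alerts.append((host, login_src, login_time, when))
    return alerts


if __name__ == "__main__":
    for host, src, login_time, stop_time in find_suspicious(EVENTS):
        print(f"{host}: antivirus stopped at {stop_time} after remote login from {src} at {login_time}")
```

Only pos-01 is flagged: pos-02's login came from an internal address, and pos-03's antivirus stop happened hours after the login, outside the window.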
Protect Your Business and Customers
Don’t let your information — or your customers’ — be part of such a breach! Next week, in Pt. II, we’ll go over the steps you can take to mitigate security lapses and bolster your own “defenses.”
And of course, a good first step, as always, is to contact your AVPS Rep, to make sure you’re as up-to-date as possible on software, security patches, card readers, and more!
It’s summer, so play safe. And no matter what the season: “sell safe,” too!