A Handy AVPS Guide to Point-of-Sale Security, Pt. II: Mitigation & Protection

Last week, we mentioned card issuer alerts calling for more vigilance on the part of merchants to “shore up” their Point-of-Sale systems, in an age of increased hacking, breaches, and network intrusion. 

This lack of security has resulted in some unfortunately spectacular “virtual break-ins,” like the Target breach and the ones that followed, resulting in the information for millions of customers being pilfered, compromised, and sold not only to the “highest bidder,” but to whoever meets the price of those vending the data.

Liability and costs accrue, to say nothing of loss of customer trust — Target sales, for example, took a direct hit in the wake of the POS hack they experienced. (As we go to press, StubHub is the latest to report a breach of customer information.) 

So let AVPS help you from becoming another “target,” or the lastest “hacker headline!”

As mentioned in our previous post, consider this a reminder to check all your remote management software for insecure configurations, use of lapsed or unpatched applications (especially on publicly accessed systems on the internet), easily guess — or default — passwords (or usernames), make sure your system is compliant with PCI DSS.

Also consider the following to help further enhance the security of the “payment-and-information” at your business, and all its outlets and points of sale:

*Make sure firewalls are working, and that firewall rules are operating — for example, only allowing remote access from known IP addresses

*Enable remote access only as needed, and only when necessary

*Restrict remote access to only the service provider and only for established time periods.

*Always use two-factor, or “two-step,” authentication for remote access — i.e., an additional way of “signing in,” or gaining access, besides a username/password screen.

*Verify that a unique username and password exists for each of your remote management applications and devicesContact AVPS, or any other support provider or POS vendor in your system, if you have any questions.

*Aways use the lates versions of remote applications, and as ever, ensure security patches are always applied.

*Check your OS! Upgrade any outdated systems. As previously noted in this space,  for example,  if you’re still on Windows XP you need to start migrating away… now!

For more information, upgrades, questions, etc.  Contact us at AVPS!  

And remember — “have fun — but be safe” isn’t just for summer trips to the beach anymore!

Leave a Reply

Your email address will not be published. Required fields are marked *