Retailers across the board are well-aware of cyber threat defenses needed to protect their stores. The question is if they are continuing to address all basic areas while also investing in preventing newer threats.
Here’s a short cyber threat defense checklist:
- Have you reduced open ports and services on internet-facing systems?
- Are you using next-generation firewall to control access to networks and cloud-based services?
- Have you eliminated unnecessary protocols and services running on endpoints, servers and internal systems?
- Are you enforcing access management policies?
- Are you monitoring privileged users?
- Are you following recommended policies and procedures for overall data security and not just to meet PCI requirements?
- Are you following password, remote control access and wireless security policies?
- Are you protecting your card holder data environment?
- Do you have enough protection from social media channels?
- How about firewall, antivirus, anti-malware, anti-spyware?
- Are you monitoring and logging every event/activity?
- Maintaining the logs for 365 days?
- Are you backing up to reclaim data in case of a disaster?
If you have answered these random questions that are crucial to cyber security positively, then it is a good start. However, more work is needed. Even if only some of the answers are ‘No’, start right away.
For over 25 years, Omega has been helping retail chains in the US implement centrally managed retail systems and data security. OmegaSecure™, the private cloud, hosted data security solution is ideal for convenience stores, petroleum marketers, quick service restaurants, and specialty retailers. As a PCI Certiﬁed Managed Security Services Provider, Omega provides a comprehensive set of services including the Omega Appliance™ to monitor in-store data security, and the Omega Compliance Dashboard™ for tracking compliance status.
Source: 2016 cyber threat defense report.