The recent news about a security breach involving unauthorized credit card activity at Kmart stores serves as a good reminder for businesses to set up in-depth security layering.
According to an article from Krebs On Security, Kmart’s parent company, Sears Holdings, reported that “store payment data systems were infected with a form of malicious code that was undetectable by current anti-virus systems and application controls.”
While the company said no personal identifying information was obtained, credit card numbers were likely compromised. Thieves could use that cardholder data to create counterfeit cards.
Reports of retail security breaches aren’t rare. In 2014, Sears announced a similar breach, in which malware was used to steal data from hacked point-of-sale (POS) systems. Target and the Home Depot are among other large retailers that have faced data breaches in recent years.
How can your organization help to prevent such a security breach? The key is to go beyond regular security testing protocols, which should include PCI compliance and penetration testing. Here are a couple of important steps you can take to keep your data safe.
Manage Network Segmentation Properly
The cardholder data environment (CDE) should have strong segmentations controls in place, such as firewall rules and VLAN segmentation. If a network is properly isolated, malware won’t be able to communicate stolen data.
Your POS system should only be able to communicate with approved IP addresses, such as your credit card payment processors. This prevents outside fraudulent sources from gaining access to card data, since the card numbers never go across the internet.
Also, if your POS system is running on older software, make sure you have an operational plan in place to keep the software updated and secure for today’s threats.
Use In-Depth Security Layering
Many retailers are moving from magnetic stripe to chip-enabled payments. While chip-enabled cards are a great deterrent, and do provide greater security, they don’t offer a guarantee for preventing security breaches. It’s possible vulnerabilities will be discovered in the chip system.
That’s why you need in-depth security layering. Think of it like having a safe filled with valuable jewelry in your house. In addition to the lock on the safe, you have a lock on your front door and possibly an alarm system. Each is a defensive layer designed to slow down an intruder and prevent access to the jewelry.
Take the same approach to protecting your data. That way, if vulnerabilities within the chip system are discovered, you already have additional layers of protection against a breach.
The Cost Of A Security Breach
Businesses that have a security breach often suffer serious damage. As reported by Inc., Cisco’s 2017 annual cyber security report found that 50% of breached organizations faced public scrutiny. In addition, 22% lost customers and 29% lost revenue following a breach.
To safeguard your company’s reputation, you need to secure your sensitive data. As we have learned from breaches at major retailers such as those listed above, it’s more important than ever to use a layered approach with cutting-edge technologies that keep your data secure.