• News
  • Security
  • Products
  • About Seqrite
Seqrite Blog Blog
  • News
  • Security
  • Products
  • About Seqrite
Home  /  Security  /  Are retailers doing enough to protect consumers’ data?
16 August 2017

Are retailers doing enough to protect consumers’ data?

Written by Seqrite
Seqrite
Security
Estimated reading time: 3 minutes

The retail industry has been traditionally perceived to be a happy hunting ground for hackers and other cyber attackers. There are card based and card-not-present transactions done with POS, and online retail purchases and both of these are prone to cyber fraud. There is, therefore, a sword of responsibility hanging over the retailers’ heads with respect to protecting their consumers’ information; safeguarding them from being defrauded.

Cyber risks associated with retail

The retail industry is acutely exposed to cyber attacks because of three main trends:

1. The vulnerability of the Internet of Things – Retailers are one of the biggest adapters of IoT and cloud technologies, with gizmos like RFID trackers for their merchandise, sensors and so on getting huge prominence in stores. All the IoT devices are highly vulnerable to hacking. The real danger comes when the compromised devices turn into zombies operating under the control of the malware and are used to generate a massive amount of traffic to specific websites, which quickly brings them down. This is known as DDoS – Distributed Denial of Service attack, and one that retailers fear. Compromised POS terminals lead to theft of customer credit card and other personal information, which is even more severe.

2. The omnichannel exposure – Retailers are massive early adapters of the digital, omnichannel paradigm. Their consumers are given access through multiple channels, but this increases the points of vulnerability, and that makes it harder to monitor from a security perspective.

3. The rise of malware as a service – Of late, malware- especially ransomware – is readily available for download from the dark net. Even relatively newbies, armed only with criminal intent can avail of the services and launch an attack. This naturally raises the sheer number of possible attackers, and that increases the need for retailers to tighten up on the security front.

Are retailers doing enough?

The impact of a security breach on a retail business is two-fold: one, the immediate cost of repairing and recovering from the breach; and two, the long term cost associated with customer churn and loss of confidence. Retailers find themselves in a sensitive spot with respect to cyber attack vulnerabilities, much more than any other industry.

The general perception is that retailers are not doing enough to protect their customers’ information. It is observed that a large number of companies do not even check their security compliance once a week. Antivirus tools, Intrusion Detection Systems and other solutions are not fully implemented in many retail organizations. It indicates that retailers are only marginally conscious of the difficulties in protecting themselves and have not got into the ‘war’ mode that is presently warranted in cyber security.

Read: Top 5 security threats for retailers in digital age

Measures to protect retailers’ systems and networks

While there is a whole lot that retailers must do to protect their systems and their customers’ information, the two broad areas that require rigorous implementation are:

1. PCI DSS compliance – PCI DSS stands for Payment Card Industry Data Security Standards. Being PCI compliant ensures that a standard security framework is applied throughout all the retailer’s systems that handle critical customer data, coming in from the customers’ credit cards.

PCI DSS includes the use of a system called tokenization, which is a process whereby the important customer data is replaced with randomized tokens generated by a token server. Even if a malicious attack succeeds in penetrating, all it will find is a meaningless token, the actual values being stored in a token lookup table within the external token server.

This also includes minimal data exposure- including letting employees look at customer data only on absolute need basis. It also ensures storing bare minimum customer data and for a bare minimum time.

2. Employing security tools and techniques–  Cyber threats are the most serious form of threat to customer information secrecy, and a slew of layered security measures must be undertaken by the retailers to protect their networks and systems. Firewall and IDS systems protect the network perimeter, and tools like Seqrite’s Endpoint Security protect the end devices which could be computers, phones or even the IOT devices, from being infected by malware.

The retail industry is in a particularly vulnerable spot today. They need to stay competitive by providing online, omnichannel customer access while at the same time face the increased presence of cyber-attackers who threaten to steal their customers’ sensitive information and bring down their business. Retailers today must up their levels of security awareness and invest in a multi-pronged security strategy to protect their business as well as their customers’ information. They can achieve the same through various mechanisms that include standards compliance, and the implementation of rigorous security policies, practices and tools.

As an IT security partner for your business, Seqrite provides comprehensive endpoint security from advanced cyber threats. To know more, visit our website or

seqrite_cta1

 Previous PostHow cyber crime has become the greatest threat to companies acros...
Next Post  How Ransomware works: Understanding the strategy behind cyberatta...
Seqrite
About Seqrite

Follow us for the latest updates and insights related to security for enterprise networks. Subscribe to our newsletter to stay...

Articles by Seqrite »

Related Posts

  • Is your Router exposed to cyber threats

    Is your router exposed to cyber threats? Here is how to safeguard it.

    July 30, 2020
  • Snake ransomware stings to spread its venom in the veins of enterprise networks.

    Snake Ransomware brings impending doom to enterprise networks

    July 10, 2020
  • APT harbingers are using Honey Traps to attack Indian Defence.

    Operation ‘Honey Trap’: APT36 Targets Defence Organizations in India

    July 8, 2020

No Comments

Leave a Reply.Your email address will not be published.

Cancel reply

CAPTCHA Image
Refresh Image

Popular Posts

  • The Data breach inferno burning big-ticket businesses The Data breach inferno burning big-ticket businesses February 5, 2021
  • Turn the Page: Cybersecurity Predictions for 2021 & beyond Turn the Page: Cybersecurity Predictions for 2021 & beyond February 18, 2021
  • Pharma Sector needs to streamline its insides to avoid cyberattacks Pharma Sector needs to streamline its insides to avoid cyberattacks February 12, 2021

Featured Authors

  • Seqrite
    Seqrite

    Follow us for the latest updates and insights related to security for...

    Read more..
  • Viraj Talikotkar
    Viraj Talikotkar

    Viraj is a Lead Technical Writer at Quick Heal Technologies. He is always on...

    Read more..
  • Sanjay Katkar
    Sanjay Katkar

    Sanjay Katkar is the Joint Managing Director and Chief Technology Officer of...

    Read more..

Latest Posts

  • Businesses now worried about the surge in COVID-19 infodemic

    Businesses now worried about the surge in COVID-19 infodemic

    February 26, 2021
  • Turn the Page: Cybersecurity Predictions for 2021 & beyond

    Turn the Page: Cybersecurity Predictions for 2021 & beyond

    February 18, 2021
  • Pharma Sector needs to streamline its insides to avoid cyberattacks

    Pharma Sector needs to streamline its insides to avoid cyberattacks

    February 12, 2021

Stay Updated!

Topics

Antivirus For Linux (10) apt (9) BYOD (9) COVID-19 (10) Cyber-attack (31) cyber-attacks (56) cyberattacks (12) Cybersecurity (279) cyber security (25) Cyber threat (29) cyber threats (44) Data (11) data breach (50) data breaches (27) data loss (28) data loss prevention (33) data protection (21) data security (13) DLP (49) Encryption (16) endpoint security (102) Enterprise security (14) EPS (9) Exploit (12) firewall (11) hackers (9) IoT (10) malware (58) malware attack (22) malware attacks (12) MDM (25) mobile device management (9) Network security (18) Patch Management (12) phishing (16) Ransomware (56) ransomware attack (29) ransomware attacks (30) ransomware protection (12) Seqrite (24) Seqrite Encryption (27) Seqrite EPS (33) Seqrite Services (16) UTM (34) Vulnerability (10)

Products

  • Endpoint Security (EPS)
  • Seqrite Encryption Manager
  • Seqrite Endpoint Security Cloud
  • Cloud Security
  • Seqrite mSuite
  • Seqrite MobiSMART
  • Unified Threat Management
  • Seqrite Secure Web Gateway
  • Antivirus for Server
  • Antivirus for Linux

Resources

  • White Papers
  • Datasheets
  • Threat Reports
  • Manuals
  • Case Studies

About Us

  • Company Overview
  • Leadership
  • Why choose SEQRITE?
  • Awards & Certifications
  • Newsroom

Archives

  • By Date
  • By Category

© 2020 Quick Heal Technologies Ltd. (Formerly Known as Quick Heal Technologies Pvt. Ltd.) Cookie Policies Privacy Policies

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website.
By browsing this website, you agree to our cookie policy.