Can you believe it’s November already? In a couple of weeks, Thanksgiving will be here. And you know what that means? The Holiday rush will be in full swing for retailers.
It’s a busy time for them. And this year, a 2019 Deloitte holiday survey predicts that online retail sales will jump from 14% to 18%.
With growing online sales, retailers are prime targets for cyberattacks.
That’s right, the bad guys will be shopping this holiday season, too. But not for the same items. They will be shopping for the wallets of retail customers.
And to be clear, I’m not only talking about the big fish, like Walmart and Amazon. Small retailers are also vulnerable to attack. That’s because they often don’t have the training, budget, or resources.
With the right controls and awareness, retailers can better protect themselves during holidays. Below are our top 6 holiday cybersecurity tips for retailers.
6 Holiday Cybersecurity Tips for Retailers
Strength In-Store WIFI
These days, it is common for retailers to have in-store WIFI and allow customers to access it. In-Store WIFI is a win-win for customer experience; yet, there can be downsides. What if a hacker accesses it?
Two tools to fight against this tactic is multi-factor authentication and harden restrictions. With authentication, any accessible endpoint must confirm their identity and authority for access.
Update Everything
All desktops, laptops, and mobile devices should be up to date. The same goes for all operating systems and applications. Why? Because updates help protect against the latest threat.
To help manage all the updates, you need a patch management policy. A patch management policy covers the process for all updates within your network. These include patches for routers, firewalls, servers, operating systems, etc.
In the best cases, a patch management policy will assess, install, test, and document each patch.
Protect Against Digital Skimmers
Digital skimmers are JavaScript codes that occupy an online retailer’s checkout page. And its goal is to steal credit card data. In most cases, a skimmer attaches itself to a website via a compromised third-party code, like a plugin.
To protect against skimmers, retailers should be on the lookout for malicious third-party code. If you work with third parties, make sure you thoroughly understand their security protocols. Also, remember to update your website’s plugins.
Segment the Network
Online traffic surges during the holidays. To prepare for that, retailers should segment their online presence from their internal network.
For example, it’s not uncommon for small retailers to have multiple devices on the same network. These devices could be security systems, POS terminals, Internet access, and so on.
But here’s the catch, an attacker only needs to find a weakness in one of those systems to launch an attack. All roads should not lead to Rome – or in this case the same network.
Tighten Network Security
End-users may be inadvertently providing an easy access route to your website servers. Here are a couple of things to tighten up network security:
- Logins expire after a short period of inactivity.
- Passwords are changed frequently.
- Passwords are strong and NEVER written down.
- All devices that access the network are scanned for malware
Get Help
Maintaining a good IT security posture is an ongoing task. It requires ongoing action and review. With that said, our last cybersecurity tip for retailers is to get help from an expert.
One of the most effective ways for a retailer to increase its security is through the efforts of others. It’s not uncommon for small retailers to use security service providers to amplify the capabilities of their in-house IT teams.
And you, happen to be in luck. MRW Systems does exactly this through our cyber security service, NetGarde. At NetGarde, we partner with you to help you predict, detect, and respond to cyber threats. Under our security wing, you’ll be able to continue to run your business with peace of mind.