Securing your online business presence helps protect the whole retail sector, which relies on a range of technologies to manage the customer experience. You need to secure point of sale, website, inventory and other systems to protect high value data like financial transactions, credit card data, business data and employee information from being compromised.
Websites, computers and servers
Your business should be operating a website or websites to promote itself, provide information and sell products or services to customers. Some of these functions require you to collect customer details such as names and addresses, and credit card details. This information is extremely valuable to criminals who may try to steal it using malicious software (“malware”) such as viruses.
Another possible security threat is domain name hijacking. This occurs when a hacker gets access to the domain control panel of your website and redirects it to a different web server. Visitors to your site are unwittingly redirected to the hacker’s website where their information and security can be compromised, not to mention your reputation.
You also need to secure your servers and desktop computers. When a machine is compromised it can be used to launch attempts to break in to, or disrupt service on other systems.
Tips to protect your website and computers:
- Use commercial services that can scan your website regularly for malware and vulnerabilities
- Talk to your website hosting company about the security measures they are employing to protect your web properties
- Back up your website on a regular basis
- Install and regularly update security software to protect your domain name servers
- Limit staff access to your domain registration account and use a restricted or private email account to administer your domain registration
- Install and activate security software on your computers
- Install firewalls and antivirus software on your servers
- Regularly update your server and desktop software
- Read server reports, such as security logs, and monitor for changes and irregularities.
Point of Sale (POS) systems
Your point of sale (POS) systems and devices are at the front line of the war against criminals seeking to steal information. Hackers target POS systems because they’re often neglected and offer direct access to payment card data.
Tips to protect your POS:
- Keep your POS software up to date
- Use security software including firewalls and antivirus products
- Restrict POS access to the internet
- Disable remote access
Your business might use mobile devices such as tablets, smart phones, laptops and notebooks for inventory or as POS on the shop floor. These devices are also vulnerable to loss or theft.
Tips to protect your mobile devices:
- Use unique passwords on their mobile devices and change them regularly
- Install and regularly update antimalware software on mobile devices.
- Ensure all mobile devices run current web browsers, operating systems and applications
- Educate your employees about the risk of inadvertently downloading malware onto mobile devices
- Establish a virtual private network to allow users to securely access applications and information via a web browser
As new security threats emerge and you rely more and more on the internet to do business, the security measures you implement today could save your organisation from problems tomorrow.
The NRA’s Digital Business Kit for Retail has a whole online security module available for small-to-medium size retailers with handy information and tips on:
- Identifying internal, external and environmental online security and privacy risks;
- Reviewing the benefits of using security practices;
- Assessing suitable security strategies for their retail business; and
- Developing a plan to implement best-practice security and privacy policies.
Don’t forget to also check out the tips and information provided on the Australian Government’s Stay Smart Online website.