Increasingly, cyber-criminals have been infiltrating merchants’ POS systems and infecting them with malware—malicious programs that search for consumer credit card information and other data that can then be exploited for financial gain. Fortunately, there are a number of things you can do to protect your POS system from being compromised in this fashion.
1. Exercise proper password precautions: Avoid the temptation to keep the default passwords you probably used when your POS system was installed, as they are a snap for hackers to locate online. Instead, assign unique account names and complex passwords to the system; if possible, use combinations of upper- and lower-case letters and numbers along with other characters, like “!” and “*.” Changing POS system passwords regularly is also important in staying steps ahead of cyber-criminals.
2. Install a powerful anti-virus program: Anti-virus software is a critical element of protection from malware because it identifies programs that currently fall into the “malicious” category, then tries to restrict those programs’ access to the POS system. Important caveats to remember about such software: It must be continually updated so as to remain effective. Additionally, it must be used in tandem with other defenses against malware like those described here, rather than as retailers’ only anti-malware tool. Otherwise, a certain degree of POS system vulnerability will remain.
3. Deploy a firewall: A strong firewall blocks unauthorized access to and from private networks by hackers, viruses, worms and similar types of malware configured especially to compromise the POS system. Without a firewall in place, there is always potential for an outside attack.
4. Consider an endpoint protection product: Some security solution providers offer endpoint protection products that are, if properly configured, purported to thwart the efforts of even the most persistent malware-bearing cybercriminals. Such products include system lockdown, application control, device control and firewall capabilities. These tools enable retailers to reduce the attackable area (or surface) of the POS system by limiting the specific applications that run on the hardware and controlling which devices and applications can access the network. Limiting applications and network accessibility on POS systems can make malware useless because it will not be allowed to run on either the hardware or the network.
5. Restrict employee Internet access: Allowing employees to use your POS system’s computers or terminals for anything and everything creates a huge potential entrée for malware of all sorts. Instead, prevent users from inadvertently exposing the POS system to security threats by enforcing a policy that limits online use of the POS system to sales-related activities.
6. Say “no” to remote access: With remote access capabilities, an individual need not be physically present to log in to a POS system as an authorized user. Cyber-criminals have become very adept at exploiting remote access to retailers’ networks in order to work their malware magic. The only way to prevent this from occurring is to configure the system to disallow remote access to the POS network.
7. Update POS software applications regularly: Downloading and installing POS software updates provided by your POS vendor may require a bit of effort, but doing so is a worthwhile endeavor. Failing to ensure that the POS system incorporates the latest software applications and patches, and that these have been downloaded in a timely manner, is really tantamount to asking for a malware attack.
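Recommendations 4 and 6 can be checked routinely on each terminal. The Python sketch below is an added example, not part of the original article or any vendor's tooling: it flags exposed remote-access listeners and running programs that are missing from an application allowlist. The allowlist, process names and netstat-style lines are constructed assumptions.

```python
# Added example: audit a POS terminal snapshot against an application
# allowlist and a "no remote access" rule. All sample data is constructed.

# Well-known default ports for common remote-access services.
REMOTE_ACCESS_PORTS = {22: "SSH", 23: "Telnet", 3389: "RDP", 5900: "VNC"}

# Hypothetical allowlist, by name only; products typically match hash or signer too.
ALLOWED_PROCESSES = {"pos_client.exe", "receipt_spooler.exe", "av_agent.exe"}

# Constructed sample in the style of Windows `netstat -ano` output.
SAMPLE_NETSTAT = """\
  TCP    127.0.0.1:8443         0.0.0.0:0              LISTENING       1010
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING       1188
  TCP    10.0.5.21:49822        10.0.5.2:443           ESTABLISHED     1010
  TCP    [::]:5900              [::]:0                 LISTENING       2204
"""

# Constructed sample of process names running on the terminal.
SAMPLE_PROCESSES = ["pos_client.exe", "AV_Agent.exe", "browser.exe", "vnc_server.exe"]

def remote_access_listeners(netstat_text):
    """Return (port, service, local_address) for exposed remote-access listeners."""
    findings = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "TCP" or fields[3] != "LISTENING":
            continue
        host, _, port_text = fields[1].rpartition(":")  # copes with [::]:5900
        if not port_text.isdigit():
            continue
        port = int(port_text)
        loopback = host in ("127.0.0.1", "[::1]")
        if port in REMOTE_ACCESS_PORTS and not loopback:
            findings.append((port, REMOTE_ACCESS_PORTS[port], fields[1]))
    return findings

def unapproved_processes(process_names, allowlist=ALLOWED_PROCESSES):
    """Return running programs that are not on the allowlist (case-insensitive)."""
    allowed = {name.lower() for name in allowlist}
    return sorted({p for p in process_names if p.lower() not in allowed})

if __name__ == "__main__":
    for port, service, addr in remote_access_listeners(SAMPLE_NETSTAT):
        print(f"remote access exposed: {service} listening on {addr}")
    for name in unapproved_processes(SAMPLE_PROCESSES):
        print(f"not on allowlist: {name}")
```

A service moved to a non-default port will not be caught by the port list, so the allowlist check is the stronger of the two controls.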
There’s no getting around the fact that cyber-criminals are smart—they are always developing new forms of malware and new ways to infiltrate retailers’ POS systems. However, following the above recommendations should help you to remain one step ahead of the perpetrator pack and to shield your POS system from malware’s effects.