<iframe src="//www.googletagmanager.com/ns.html?id=GTM-TXC8LN" height="0" width="0" style="display:none;visibility:hidden">

Envysion Blog

cyber attack

Cyber Attacks, Is Your Company Prepared?

Posted by Taylor Grassby on Jul 21, 2015 7:00:00 AM

Find me on:

What Would Your Business Do if Its POS System was Hacked?

If you’re a retailer who uses point-of-sale systems for customer transactions, you’re in possession of valuable data that people inside, and outside, of your company want access to. These systems can be susceptible to cyber attacks, especially if you aren’t prepared. According to research, cyber attacks cost small to medium-size businesses an average of $188,242. If that isn’t chilling enough, nearly two-thirds of attacked businesses are forced out of business within six months of a cyber attack.

The first step to preventing cyber attacks is learning more about the most common types of attacks, followed by taking several simple steps to protect your business from cybercrime.

What are the most common cyber attacks on small businesses?

In 2014, Verizon put together a report that analyzed the most common types of cyber attacks against businesses. They found that 92% of all incidents stemmed from only nine types of attacks.

For retail businesses, the following varieties of cyber attacks are most troublesome:

  • POS intrusions are particularly worrisome in retail settings, where payment information can be stolen, and these attacks have their own specific timeline.

  • Crimeware is particularly common when a company stores a lot of information on various systems, like servers and desktops.

  • Insider and privilege misuse happens when employees, or other people with access to important information, use a company’s data to commit a crime.

  • Payment card skimmers are also commonplace, where a device “skims” customer payment information as they complete their transaction.

  • Physical theft and loss can happen, too. Stolen laptops, documents, hard drives, and more can be targets for criminals.

How your business can prevent cyber attacks

You don’t need to be a security expert to protect your company from cyber attacks, but you will need to spend some time assessing your current situation, and fixing any deficiencies.

1. Do a security audit

Before you can protect your business, you need to have a solid understanding of where your security currently stands. Do you encrypt sensitive data? Where is your most sensitive data stored? Who has access to it, and how are they using it? Do you have a specific security system in place for your POS systems?

Answering these questions will help you determine where your security weaknesses are.

2. Train your employees on cyber attacks

Most companies don’t do an adequate job of educating their employees about the importance of being diligent with their own security. This is especially important as businesses move toward collaborating on the cloud, and as employees work from outside the office. For example, do they know that passwords should never be the same across multiple platforms? Do they realize that “password1234” isn’t going to keep unwanted visitors at bay? Are they aware that email scams are becoming increasingly sophisticated?

3. Use specialized POS services to protect that data

Even though your payment software likely functions in unity with the rest of your software and hardware, POS systems have their own weaknesses that criminals can take advantage of. They make your life easier, but they also make it easy for criminals to access data. You’ll want to ensure that your company has installed a comprehensive POS security system.

Because a POS attack can occur whenever a network is breached, maintaining POS security ties in with every other aspect of preventing cyber attacks.

4. Lock up your network!

WiFi networks are well-loved by hackers. They’re so easy to break into! And, once they’re compromised, it’s oh-so-simple to find sensitive data and information. Always password protect your WiFi network, but try to use a hardwired network when possible. If you can’t, at least disable the network’s SSID (service set identifier) on the router. This ensures that your network can only be accessed by people who know the network’s exact name. And, even if you think your POS system is secure, remember that a savvy hacker can access customer payment information if they already have access to your network.

These steps are just the beginning, and typically, there’s always more than you can be doing to protect your business from cyber attacks. Requiring that computers be locked to a desk, and that all sensitive documents be shredded immediately, are two policies that are relatively easy to implement, for example.

Topics: Loss Prevention

Learn More

Envysion is a leading provider of cloud-based video driven business intelligence that helps companies deliver on their brand promise. At Envysion, we marry operational, financial and employee metrics together with video and sophisticated analytics and make it easy-to-use and accessible, offering visibility into every store…every location…every day…from anywhere.

Taylor Grassby

Taylor Grassby

Account Executive, Envysion

Taylor Grassby, hails from Steamboat Springs, CO. Following his passion for skiing and extensive skiing career as a youth, Mr. Grassby was given an opportunity to work on the other side of the ski business as a factory rep for Nordica North America. It was with Nordica where he discovered his passion for business development as he oversaw all product launches for the company.

As an operations executive at REVE Marketing, he was able to combine, vast industry experience with his technical know-how. From there Taylor went to work as a senior account executive with a SaaS firm specializing in web and mobile development for the conference, convention and trade show industry. 

In addition to his current position as account executive for Envysion, Taylor is attending the University of Denver completing a Masters in Leadership and Organizational Studies with a completion date expected in 2015.

Learn More

Subscribe to Email Updates