Solutions Spotlight

October is National Cyber Security Awareness Month – Are you cyber ready?

How a Security-Only Network Can Limit Risks from Data Breaches

Oct. 24, 2016: By Chris BenVau, SVP Enterprise Solutions for Protection 1

One of the biggest challenges facing retailers of all sizes is cyber-attacks. According to the FBI, it is no longer a question of if you will experience an attack but rather when. In September 2016, Vera Bradley revealed payment cards used at their retail stores were potentially hacked over a two month period this summer. Their investigation revealed unauthorized access to Vera Bradley's payment-processing system and the installation of a program seeking data from magnetic stripes-which could contain the card number, cardholder name, expiration date and verification code.

Vera Bradley joins a long list of notable retailers who have experienced this “new” crime that attempts to “steal” information on their clients including Neiman Marcus, Hannaford Brothers Supermarkets, USP, Target and The Home Depot to name just a few. In addition to combating employee theft, vendor fraud and shoplifting, loss prevention professionals need to add cyber-crime to the top of their lists.
 

One of the biggest challenges facing retailers of all sizes is cyber-attacks. According to the FBI, it is no longer a question of if you will experience an attack but rather when. In September 2016, Vera Bradley revealed payment cards used at their retail stores were potentially hacked over a two month period this summer. Their investigation revealed unauthorized access to Vera Bradley's payment-processing system and the installation of a program seeking data from magnetic stripes-which could contain the card number, cardholder name, expiration date and verification code.

Vera Bradley joins a long list of notable retailers who have experienced this “new” crime that attempts to “steal” information on their clients including Neiman Marcus, Hannaford Brothers Supermarkets, USP, Target and The Home Depot to name just a few. In addition to combating employee theft, vendor fraud and shoplifting, loss prevention professionals need to add cyber-crime to the top of their lists.

Cyber-criminals are becoming more sophisticated in their attempt to breach your data. Estimates forecast there may be as many as 12,000 malware attacks launched every hour, according to Av-test.org, the independent IT Security Institute. These attacks come in a variety of formats such as phishing, spam, data-stealing Trojans, Ransomware and DDoS attacks. Criminals can enter your networks from a corrupt email attachment, an IoT device or an unsecure third-party vendor who has access to your business through legitimate means.

So what can a retailer do? There are a number of steps that can be taken to shore up your cyber defense, ranging from enacting policies and procedures to strengthening common workplace practices, including creating strong passwords and training employees. We also recommend taking a layered approach to security that covers your network, all endpoint devices on the network, Guest WI-FI and executing a data protection and disaster recovery program.

At Protection 1, our retail clients are adopting a security-only network that physically separates the business data and POS transactions from the security devices installed. This can protect the brick and mortar dwelling such as intrusion detection, video, access control and related infrastructure. It is becoming more common for cyber thieves to hijack an IP-camera on a network to use as a back door into your systems.

The benefits of a dedicated security-only network are multi-faceted: a security-only network delivers a higher level of protection and offers faster speeds, more bandwidth with easier access for loss prevention and security teams -- while not impacting business critical systems.

Further benefits to a security-only network include nearly unlimited access for applications, such as the remote monitoring of video or conducting remote investigations. This provides investigators with immediate access to video and supporting data to reduce travel, associated expenses and the overall time it takes to conduct the investigations.

When the security-only network is monitored by a certified third-party provider, added benefits include advanced alerts of potential system failure or attempted breach of the network. The monitoring company can also ensure that the network has the latest security protocols and anti-virus software at all times.

For those retailers who are considering a third-party provider for security-only networks, traditional IT companies that design and implement standard networks may not be your best option. Selecting a company that has the proper certifications for designing networks as well as deep industry knowledge of the security devices running on the network and how they need to work together will greatly enhance the overall end result.

According to our client’s Senior Vice President of Loss Prevention for a high-end global retail brand, deploying a separate network for his security solutions gives him added peace-of-mind knowing a potential data breach is not coming from the security devices. Since it is managed and monitored 24/7/365, if an attempted breach were to take place it would be immediately identified and stopped.

At Protection 1, we want to help you get cyber-ready by protecting your digital assets through a security-only network and serve as a single point of contact for your IT security needs. We specialize in large, complex projects that require deep knowledge and advanced skill sets in both security and IT.

The D&D Daily and D-Ddaily.net - divisions of Downing & Downing, Inc.

info@d-ddaily.net ~ 1.440.942.0671

36615 Vine St., Suite 103 ~ Willoughby, OH 44094

© 2005-2025 Downing & Downing, Inc. ~ All Rights Reserved Globally ~ Webmaster Design By J, LLC