How to Secure Your POS System

Thursday, November 8, 2018 by under Monitoring, Top Tips

How to Secure Your POS System

Last year, hackers installed malware on a clothing retailer’s point-of-sales (POS) system, allowing the cyber criminals to steal consumer payment information for seven months.

A POS system hack is similar to a computer hack. Cyber criminals gain access to the system by installing a monitoring device on the POS system to steal payment information. Not only does this harm the consumer, but retailers are often subject to lawsuits and hefty settlements.

With so many threats to POS systems, as well as the amount of new malware being created, security is challenging. That’s why retailers and business owners must take special precautions when it comes to their system. Read on to learn how to secure your POS system.

Best Practices For Securing Your POS System

Follow these best practices to learn how you can secure your system and prevent a POS intrusion.

1. Install antivirus software. This is probably the simplest way to protect yourself from an attack. Antivirus software is a program you can download onto your system to continuously scan for viruses or malicious files.

2. Use encryption. In the incident where cyber thieves installed payment-stealing malware onto the clothing retailer’s POS system, experts found that the situation could have been prevented if the retailer had encryption turned on. This cyber security tactic disguises data as it’s shared across networks, which makes it extremely difficult to hack.

3. Monitor terminals with video surveillance. There have been reports of cybercriminals attaching skimmers to POS systems. These devices capture payment information every time a card is swiped. Consider installing surveillance cameras above all POS terminals to prevent skimmers on your POS terminals.

4. Secure your network. Some thieves don’t even have to walk into the store to steal payment information—it can all be done through an Internet connection. To prevent POS intrusions, secure all networks with a strong password and consider setting up a segmented connection for even more protection.

5. Implement a POS monitoring service. This service identifies cashier infractions as they happen by sending video clips and POS data based on the exceptions specified. Exceptions could include:

  • Cashier in and out
  • Drawer openings without a sale
  • No sales
  • Refunds
  • Reverse transactions
  • Sales under one dollar
  • Voided transactions
  • Zero dollar transactions

6. Keep all POS software up to date. Like any software, always update programs and devices. With outdated software, hackers are able to identify vulnerabilities and gain access to your system.

7. Regularly test your system. Always run security tests and checks to assess the strength of your POS system. This will help you identify and fix any weaknesses. It also verifies that all aspects of your system are secure.

8. Enable two-factor-verification and use complex passwords. Add a second layer of security and reconfirm your identity every time you log in. Change passwords every six months and make sure they contain uppercase letters, numbers and symbols.

9. Physically secure your POS device. POS terminals should be securely fastened and locked down to prevent thieves from breaking in and stealing devices. For extra security, install monitored alarms to receive an immediate notification in the event of a break-in.

10. Teach employees how to spot suspicious activity. Your employees can be extremely effective in POS security. Train them to spot unusual activity, check for skimmers and apply best cyber security practices. Additionally, ensure every employee understands internal cyber security controls and how to report a POS intrusion to help minimize the damage.

Although there are many threats to your POS system, intrusions can be avoided with the right safeguards in place. Contact a trusted security vendor for a customized plan and proper installation.

How do you secure your POS system? Share in the comments below.

The content herein is provided for informational purposes only, "AS IS" and without any representation, warranty or condition as to its accuracy or reliability. The content herein is not intended to modify, and does not modify, the terms and conditions of any agreement between you, including the company or entity you represent (“You”), and Vector Security, Inc. and/or its affiliates (collectively, “Vector”), or to create any legal obligation of Vector to You with respect to content or otherwise.

 

Please read our commenting policy before posting comments.


comments powered by Disqus