For large retail companies and big box retailers, the cybersecurity lessons of the past several years came at great cost: severe brand damage, millions of dollars in lost revenue and, in some cases, the jobs of several highly placed executives. But their losses are your retail customers’ gains. Now that retail cybersecurity is top of mind, make sure your customers in this space are taking the right steps to prevent costly security breaches.
Go beyond PCI compliance.
Your retail customers are no doubt already aware of the importance of payment card industry (PCI) compliance to avoid noncompliance fines and to maintain good working relationships with their banks and payment card processors. If they believe being PCI-compliant means they’ve done everything necessary to ensure data security, however, it’s up to you, their trusted security advisor, to change their minds. PCI compliance is a starting point, nothing more.
Make use of encryption—at rest as well as in motion.
With proper implementation—that is, with the encryption keys securely and exclusively held at the client side—encryption is one of the most reliable means of protecting sensitive data from theft. An advanced encryption appliance or service that can apply corporate-defined encryption to data as they move about the internal network, or before they cross the perimeter to the public wide area network, is a powerful data security tool. But retailers shouldn’t focus all their investments on encrypting data in motion. Data at rest, even on corporate servers, should be protected in order to prevent exfiltration and exposure.
Implement monitoring across all infrastructure.
Finally, stress the importance of awareness to a retail organization’s anti-breach strategy. Even the best-laid security plans can fail if there’s no one awake at the guard tower. For maximum effectiveness, businesses should combine activity monitoring and logging solutions with big-data security analytics to identify anomalous or suspicious behavior in real time. In addition, enterprises need dedicated security administrators at the ready in order to evaluate alerts as they’re generated and determine the proper actions to take.
Of course, not all of your retail customers will have the budget to hire a security specialist. In those cases, resellers ready to offer their own managed security-monitoring services, or to refer customers to others associated with their distributor, will be well-positioned to solidify long-term relationships.
For many in the retail space, the specter of a data breach looms dark and threatening, but the strategy to fight it seems unclear. In your capacity as technology reseller and expert, you can help your clients cut through misconceptions and make the right choices in order to keep their customers’ sensitive data private and safe.
Need more information on protecting data in retail environments? Speak to an Ingram Micro Networking and Security specialist today to learn more