How Can Retailers Protect Their Critical Data in the Midst of the Holiday Season’s Shopping Madness?
The Most Wonderful Time of the Year: Queue Online Shopping Madness
Black Friday and Cyber Monday are approaching quickly, which means that online traffic will skyrocket while holiday retail sales flood the internet. In some aspects, it’s a positive—online shoppers will take advantage of seasonal deals and complete their holiday shopping from the convenience of their own homes, while retailers will enjoy a considerable upsurge in sales. According to eMarketer, U.S. ecommerce sales will increase by 17.2% this holiday season. Throughout November and December, holiday retail ecommerce sales will increase to $94.71 billion, which is 10.7% of all holiday retail sales—the largest percentage to date.
‘Tis the Season (For Cybercrime)
Much of the risk retailers face during the holiday shopping season is lurking on the internet. Increased risk is driven primarily by volume; online sales are open to the vulnerability of lost revenue due to transaction volumes that overwhelm systems and cause shutdowns. However, risk isn’t necessarily limited to online shopping. High traffic in stores can make staff more likely to skip steps in procedures to validate cards and cardholders. Further, mobile payment capabilities such as Apple Pay® and Android Pay® are allowing consumers to use their phones to transmit credit card information. Arguably, this innovation is a security enhancement since a unique token is used for each transaction, but it adds an additional layer of technical complexity for merchants, who have to update equipment and train employees on a new capability.
With the overwhelming raise in online shopping, while temporary, it significantly increases the chances of successful data breaches. It’s an unfortunate scenario that’s been witnessed many times. Take the infamous Target breach, which as reported by Krebs on Security, not only took place two days before Black Friday, but resulted in 40 million stolen credit and debit card numbers and 70 million personal records between Nov. 27 and Dec. 15, 2013, and a resulting 46% drop in profits in Q4 of 2013.
Both retailers and payment card processors face the constant threat of cyberattacks. Retailers are responsible for the point-of-sale, including the systems and personnel handling the transaction. Payment card processors take responsibility after the transaction is handed off to them. These lines of responsibility are defined in contracts between, card issuers, processors and merchants.
How Retailers Can Effectively Protect Themselves and Their Customers
The holiday season is a risky time for retailers. Ensuring your business is fully prepared to receive the influx of transactions securely will save you the devastating repercussions of a successful cyberattack resulting from a weak information security posture and strategy.
- The first priority in staying secure is starting with the people, rather than the systems. Make certain your staff is trained in transaction security. NMI pointed out that merchants often hire seasonal staff to address the increased demand. Unfortunately, frauds prey on undertrained temp workers, who are far less likely to be able to identify transactional anomalies or have the experience to handle them. Temp workers are also less likely to be as attentive in keeping an eye out for signs of fraud. Be vigilante of card skimming devices, as well.
- In terms of the technology supporting transactions, make sure computer systems are patched, and maintain updated anti-malware software to protect POS systems. Data security is an around-the-clock objective—your business cannot afford for your IT team to overlook critical data protection measures. Online data must be secured, so employ payment gateway software that enables encryption and stores data safely in a digital environment.
- Also place emphasis on infrastructure fundamentals, as recommended by CIO from IDG. Your infrastructure should be resilient to outages and downtime long before the traffic uptick begins. The main point of vulnerability is in system shutdowns that occur as a result of unmanageable transaction volume.
Advice from Security Experts
Holiday shopping season is coming quickly, and there’s not much time left to make sure your business is prepared. It is critical that your IT team assesses infrastructure resiliency and overall security posture to confirm that your systems are ready and protected. Few businesses can afford to manage the damages caused by successful data breaches.
Don’t wait any longer to speak to a security representative about protecting your business’ data, as well as the data of your customers. To talk with a Peak 10 security expert now, visit www.peak10.com/contact-us or call (866) 473-2510.