Cyber-attacks are one of the greatest threats facing global businesses today. Hardly a day goes by that there is not a report of another company suffering at the hands of hackers breaching their networks and stealing sensitive customer or proprietary business data. According to Identify Theft Resource Center (ITRC), there were 781 known data breaches in 2015. This is the second highest number on record since tracking began in 2005.
Although data breaches and cyber-attacks are real risks for all type of public and private organizations, retailers are particular vulnerable to these types of crimes. In this highly competitive industry, these crimes can have devastating effects on consumers and potentially damage the retailer’s brand and corporate reputation irreparably.
Furthermore, cyber-crimes do not target one class of retailers. Over the past several years, retailers from super stores to supermarkets have reported data breaches where potentially millions upon millions of consumer debit and credit card information were exposed or comprised.
Emerging Trends
In response to the threats presented by cyber-criminals, many retailers are physically separating their IT infrastructure for their networks based on their primary usage to limit exposure. A prime example is creating a separate network to run physical security applications from the network used for POS data. A security-only network is typically used to host the company’s security devices such as intrusion detection, video, access control devices and related devices along with building automation systems such as HVAC.
Benefits
The benefits of a these networks are multi-faceted. Not only does the security-only network deliver a higher level of protection but also offers faster speeds, more bandwidth and easier access to the network for loss prevention teams while not impacting business critical systems.
Further benefits to a separate network include nearly unlimited access to applications such as remote monitoring of video or conducting remote investigations, allowing investigators immediate access to video and supporting data. Many times loss prevention teams are relegated to downloading video for investigative purposes in the overnight hours when the primary network is not being used for POS data. Easy access to video can also reduce travel time to specific locations and associated expenses as well as the time it takes to conduct the investigations.
When the security network is monitored by a certified third-party provider, added benefits include advanced alerts of potential system failure or attempted breach of the network. The monitoring company can also ensure that the network is adhering to the latest network security protocols and has updated anti-virus software at all times.
Who should consider a security-only network
Any type of retailer that is looking to provide a safer and more secure environment for its customers’ data while maintaining a higher level of security for its business critical operations is a candidate for a dedicated security-only network.
Selecting a third-party provider
When considering a third-party provider for security-only networks, traditional IT companies that design and implement standard networks may not be your best option. Selecting a company that has the proper certifications for designing networks as well as deep industry knowledge of security devices and how they need to work together will greatly enhance the overall end result.
Certifications such as Cisco Cloud and Managed Services Partner Certification, Meraki Certified, Sonicwall Certified, and security product-specific certifications will ensure successful system integration. Cisco Cloud and Managed Services Partner certification recognizes companies who have attained the expertise in the planning, designing, implementing and supporting of cloud or managed services based on Cisco platforms.
Don’t become another data breach statistic. Get our FREE Special Report, Data Security: Data Loss Prevention Best Practices and Proven Policies to Combat Data Breaches right now!
Steps to consider when designing a security-only network
One of the first steps is to identify the circuit requirements for the security-only network. Understanding what types of applications are going to be running on the network and how much bandwidth and speed is necessary to support the applications is key. Security-only networks are often based on commodity broadband, so it is important to ensure that the carrier can deliver reliable service and speed at any given location.
Once the network parameters of adequate circuit bandwidth are determined, additional considerations that must be designed into the system include remote (VPN) access and appropriate security measure and rules. At a minimum there should be a strict password update rule both for duration of password life as well as re-use of passwords used in the past. Ideally a consolidated security identification system should be established to ensure continuous monitoring of access with biometric or other proven security solutions as part of any access to the network.
If any part of the network is wireless enabled, appropriate security for network access and ongoing traffic monitoring are essential. If they are not part of the system, monitoring to make sure that no additional devices with wireless capability are installed on the system.
Firewall protection design is essential. With the advent of IPv6 and its inclusion in networks, there is potential for security breach when tools designed for IPv4 are faced with IPv6 calls.
Continuous monitoring for abnormal network traffic, behavior or attempted unauthorized access are discovered, rules for appropriate notification and/or lockout must be determined and enforced.
One less thing to worry about
The growing threat of data breaches, cyber-crime, and the high cost associated with remediating the aftermath of an attack, both in terms of hard dollars and the damage to brand reputation and customer trust, can be devastating to a retailer.
Cyber-crime rates are escalating at exponential levels and cyber-criminals will continue to grow more sophisticated in their approach. Now is the time to ensure your business is protected.
The vice president of loss prevention for a leading international retailer summed it up by saying, “Deploying a separate network for security and having an independent team monitor it is one less thing that I need to worry about.”
The post The Benefits of a Security-Only Network to Limiting Risks from Data Breaches appeared first on LPM.