Five Steps Retailers Can Take to Fight Card Theft

Chick-fil-A recently became the latest victim of a credit card breach, bringing to light the threat that all quick serve restaurants and small retailers are increasingly facing from hackers and data thieves and underscores the challenges businesses face in keeping their networks and data secure.  

The company's investigation is focused on the point-of-sale (POS) network at some of its restaurants, and the breach is thought to have occurred between December 2013 and September 2014.

Brian Krebs, an Internet blogger who specializes in banking security, reported that one financial institution claims that the common thread among approximately 9,000 of its affected customers are purchases at Chick-fil-A restaurants. Only time will tell as more information becomes available, but in any case, Chick-fil-A has promised that customers will not be held responsible for fraudulent charges if their credit cards were compromised at one of their restaurants.

These simple methods can help protect merchants from electronic credit card theft:

Protect a location’s incoming internet traffic. The first step in stealing data is finding an avenue into the targeted business.  All of a business’ data circuits and its Internet connections must be protected by a robust and adaptable firewall, protecting the business from unwanted incoming traffic.

Implement secure remote access. When permitting remote access to a network for the management of POS and other systems, it is essential that this access is restricted and secure. At a minimum, access should only be granted to individual (not shared) user accounts using 2-factor authentication and strong passwords. Remote access activities should also be logged so that an audit trail is available. 

Keep anti-malware software up-to-date. It is critical to keep all anti-virus / anti-malware software up-to-date with the latest versions and definitions. The companies that make anti-malware software monitor threats constantly and regularly update their packages to include preventive measures and improvements to thwart malware seen in other attacks.

Update your point of sale as security patches are released. Much like anti-virus / anti-malware updates, Point-of-Sale manufacturers are constantly improving their software to prevent hackers from stealing data, especially if a criminal manages to bypass the built-in security.  It is essential that the latest security releases and patches be installed on all POS systems.

Limit outbound internet traffic. In addition to blocking unwanted traffic from getting into a location, it is always a good practice to selectively block outgoing traffic as well.  Many modern breaches involve software that becomes resident on your network and then tries to send sensitive data to the hacker’s system via the Internet. No system can completely prevent unwanted malware or viruses, so a good last line of defense is making sure secure data doesn’t leave your network without your knowledge.  The same firewall used in Step One should be configured to monitor outgoing traffic as well as incoming.

Kevin Watson is CEO of VendorSafe Technologies.