How retailers can stay safe from e-skimming and attacks on POS systems over the holidays

December 17, 2020
POS systems based on the iPad have grown popular over the years and are especially vulnerable to attack over the holidays. Today’s columnist, Greg Foss of VMware Carbon Black, analyzes some of the threats retailers face and offers security tips to make online and POS shopping systems safe. Nagarjun Creative Commons Attribution 2.0 Generic CC BY 2.0)
  • Secure the integrity of both end-user and POS systems, and maintain the ability to monitor network activity for both preventative and forensic measures in the event of an attack. 
  • Collect, aggregate, and alert real-time process data from endpoints and POS systems alike, in addition to monitoring related infrastructure residing within the organization’s network.
  • Document baseline behaviors across POS systems and implement a process to identify changes. Use this data to identify the deployment of malicious card-skimming POS malware, such as TinyPOS.
  • Ensure that all applications are up-to-date via patch management and vulnerability prioritization. Conduct regular code integrity checks on public-facing e-commerce applications and implement web application firewalls as an added layer of defense.
prestitial ad