Welcome!

Cloud Expo Authors: Elizabeth White, Pat Romanski, Plutora Blog, Vormetric Blog, Jason Bloomberg

News Feed Item

Ready, Set, Sell ... and Don't Forget to Secure!

Verizon Offers Security Tips for Retailers to Help Ensure a Safe and Successful Holiday Shopping Season

NEW YORK, Nov. 28, 2012 /PRNewswire/ -- Now that retailers have stocked their shelves, decked out their aisles and halls and put in place discounts for in-store and mobile shoppers, it's critically important for them to secure point-of-sale online and mobile systems.  As retailers – from large chains to mom and pop operations -- gear-up for the holiday shopping season, Verizon is offering security tips that should be at the top of every retailer's holiday checklist.

"We know from Verizon's 'Data Breach Investigations Report' that retailers -- which benefit from the lion's share of consumer spending over the holidays -- are among the most vulnerable to cybercrime and theft," said Scott Eason, vice president of retail and financial services for Verizon Enterprise Solutions.  "Taking stock of vulnerabilities and putting some simple practices in place will help retailers protect their customers and assets."

Here is a list worth checking twice to bolster security for retailers' operations and customers:

  • Maintain current compliance with Payment Card Industry Data Security Standards. (PCI-DSS). Compliance with PCI-DSS requires continuous adherence. This means a daily log review, weekly file-integrity monitoring, quarterly vulnerability scanning and annual penetration testing. To maintain continued compliance, Verizon recommends designating an internal PCI "champion" so that compliance becomes part of daily business activities during the holidays -- and every day.
  • Self-validate very carefully – or entrust it to a credible expert.  Top-tier merchants – which process the highest volumes of cardholder transactions – are allowed to assess themselves against the PCI standards.  But due to the numerous issues and conflicts of interest this can cause, Verizon recommends that an objective and credible third party validate the scope of the assessment or perform the testing.
  • Only use third-party security vendors who are credible experts.  Verizon's "Data Breach Investigations Report' analysis revealed that small businesses and franchises of large chains are most vulnerable to cybercrime. If a third-party vendor manages a retailer's POS systems, the retailer should ask the vendor to confirm that PCI compliance measures are in place.
  • Educate employees so that they can recognize security breaches and help keep security measures active.  In addition to designating an internal PCI champion to ensure that the PCI security standards are being adhered to, employee education is critical for recognizing telltale signs of a breach and to understanding that prevention measures are working.
  • In the era of omni-channel retailing, ensure that online and mobility channels are secure.  Protect public-facing Web assets, which are great for attracting customers, but also magnets for cyberthieves.  Protect in-store mobile assets through mobile-device management that can authorize approved employee access to corporate information, encrypt data, protect against viruses, and remotely lock and wipe devices of critical corporate information.
  • Frequently change administrative passwords on all point-of-sale systems.  Hackers constantly scan the Internet for guessable passwords, so avoid using POS systems to browse the Internet.
  • Implement a firewall or access control list on remote access and administration services.  If hackers can't reach a retailer's system, they can't easily steal from it.

"There will be many opportunities throughout the holiday season for mischievous hackers, thieves and other bad actors to breach retailers' systems," added Eason.  "For retailers, taking steps to ensure they're protected will be essential to keeping cash registers ringing, Web transactions shipping and digital wallets pinging with confidence."

Verizon Enterprise Solutions creates global connections that help generate growth, drive business innovation and move society forward.  With industry-specific solutions and a full range of global wholesale offerings provided over the company's secure mobility, cloud, strategic networking and advanced communications platforms, Verizon Enterprise Solutions helps open new opportunities around the world for innovation, investment and business transformation. Visit verizon.com/enterprise to learn more.


Verizon Communications Inc. (NYSE, Nasdaq: VZ), headquartered in New York, is a global leader in delivering broadband and other wireless and wireline communications services to consumer, business, government and wholesale customers.  Verizon Wireless operates America's most reliable wireless network, with nearly 96 million retail customers nationwide.  Verizon also provides converged communications, information and entertainment services over America's most advanced fiber-optic network, and delivers integrated business solutions to customers in more than 150 countries, including all of the Fortune 500.  A Dow 30 company with $111 billion in 2011 revenues, Verizon employs a diverse workforce of 184,500.  For more information, visit www.verizon.com.

VERIZON'S ONLINE NEWS CENTER: Verizon news releases, executive speeches and biographies, media contacts, high-quality video and images, and other information are available at Verizon's News Center on the World Wide Web at www.verizon.com/news.  To receive news releases by email, visit the News Center and register for customized automatic delivery of Verizon news releases.

 

SOURCE Verizon

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

@CloudExpo Stories
In their session at @ThingsExpo, Shyam Varan Nath, Principal Architect at GE, and Ibrahim Gokcen, who leads GE's advanced IoT analytics, focused on the Internet of Things / Industrial Internet and how to make it operational for business end-users. Learn about the challenges posed by machine and sensor data and how to marry it with enterprise data. They also discussed the tips and tricks to provide the Industrial Internet as an end-user consumable service using Big Data Analytics and Industrial C...
How do APIs and IoT relate? The answer is not as simple as merely adding an API on top of a dumb device, but rather about understanding the architectural patterns for implementing an IoT fabric. There are typically two or three trends: Exposing the device to a management framework Exposing that management framework to a business centric logic Exposing that business layer and data to end users. This last trend is the IoT stack, which involves a new shift in the separation of what stuff happe...
"SOASTA built the concept of cloud testing in 2008. It's grown from rather meager beginnings to where now we are provisioning hundreds of thousands of servers on a daily basis on behalf of customers around the world to test their applications," explained Tom Lounibos, CEO of SOASTA, in this SYS-CON.tv interview at DevOps Summit, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
The Industrial Internet revolution is now underway, enabled by connected machines and billions of devices that communicate and collaborate. The massive amounts of Big Data requiring real-time analysis is flooding legacy IT systems and giving way to cloud environments that can handle the unpredictable workloads. Yet many barriers remain until we can fully realize the opportunities and benefits from the convergence of machines and devices with Big Data and the cloud, including interoperability, ...
“The year of the cloud – we have no idea when it's really happening but we think it's happening now. For those technology providers like Zentera that are helping enterprises move to the cloud - it's been fun to watch," noted Mike Loftus, VP Product Management and Marketing at Zentera Systems, in this SYS-CON.tv interview at Cloud Expo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
BMC Software plans to acquire assets of CDB Software, Inc., a mainframe data management company that has developed utilities for managing IBM DB2 databases with virtually no outage. Focusing on the availability of mission-critical applications is strategic for BMC as it continues to help its customers transform IT into a competitive advantage for their business. CDB's technology complements BMC's existing mainframe data management portfolio, which includes software utilities for DB2 administrat...
The Internet of Things (IoT) promises to evolve the way the world does business; however, understanding how to apply it to your company can be a mystery. Most people struggle with understanding the potential business uses or tend to get caught up in the technology, resulting in solutions that fail to meet even minimum business goals. In his session at @ThingsExpo, Jesse Shiah, CEO / President / Co-Founder of AgilePoint Inc., showed what is needed to leverage the IoT to transform your business. ...
IoT is still a vague buzzword for many people. In his session at @ThingsExpo, Mike Kavis, Vice President & Principal Cloud Architect at Cloud Technology Partners, discussed the business value of IoT that goes far beyond the general public's perception that IoT is all about wearables and home consumer services. He also discussed how IoT is perceived by investors and how venture capitalist access this space. Other topics discussed were barriers to success, what is new, what is old, and what th...
The Internet of Things (IoT) is rapidly in the process of breaking from its heretofore relatively obscure enterprise applications (such as plant floor control and supply chain management) and going mainstream into the consumer space. More and more creative folks are interconnecting everyday products such as household items, mobile devices, appliances and cars, and unleashing new and imaginative scenarios. We are seeing a lot of excitement around applications in home automation, personal fitness,...
"ElasticBox is an enterprise company that makes it very easy for developers and IT ops to collaborate to develop, build and deploy applications on any cloud - private, public or hybrid," stated Monish Sharma, VP of Customer Success at ElasticBox, in this SYS-CON.tv interview at DevOps Summit, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
Dale Kim is the Director of Industry Solutions at MapR. His background includes a variety of technical and management roles at information technology companies. While his experience includes work with relational databases, much of his career pertains to non-relational data in the areas of search, content management, and NoSQL, and includes senior roles in technical marketing, sales engineering, and support engineering. Dale holds an MBA from Santa Clara University, and a BA in Computer Science f...
Software AG and Wipro Ltd. have announced a joint solution platform for streaming analytics that provides real-time actionable intelligence for the Internet of Things (IoT) market. “The key to successfully addressing the IoT market is the ability to rapidly build and evolve apps that tap into, analyze and make smart decisions on fast, big data”, said John Bates, Global Head of Industry Solutions and CMO, Software AG. To address the huge market potential created by streaming analytics in conj...
OneCloud Software has launched the OneCloud Partner Program. Responding to demand from prospective partners, the Program offers managed service providers (MSPs) and resellers the resources they need to grow their business with the OneCloud Recovery solution. OneCloud Recovery is an automated solution for disaster recovery/business continuity (DR/BC), which leverages Amazon Web Services as the disaster recovery site. “This is a tremendous opportunity with an innovative hybrid cloud-based DR pro...
Cloud Technology Partners on Wednesday announced it has been recognized by the Modern Infrastructure Impact Awards as one of the Best Amazon Web Services (AWS) Consulting Partners. Selected by the editors of TechTarget's SearchDataCenter.com, and by votes from customers and strategic channel partners, the companies acknowledged by the Modern Infrastructure Impact Awards represent the top providers of cloud consulting services for AWS including application migration, application development, inf...
“We help people build clusters, in the classical sense of the cluster. We help people put a full stack on top of every single one of those machines. We do the full bare metal install," explained Greg Bruno, Vice President of Engineering and co-founder of StackIQ, in this SYS-CON.tv interview at 15th Cloud Expo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
Axios Systems on Tuesday announced it has selected CenturyLink Cloud as the hosting platform for Axios Systems’ IT Service Management (ITSM) solutions in Canada. CenturyLink, a global provider of communications and IT services, joins other leading technology providers across North America, Europe and APAC to help Axios’ international customers drive efficiencies and innovation across their service management provision. The arrangement with CenturyLink enables Axios to further strengthen its pres...
"Blue Box has been around for 10-11 years, and last year we launched Blue Box Cloud. We like the term 'Private Cloud as a Service' because we think that embodies what we are launching as a product - it's a managed hosted private cloud," explained Giles Frith, Vice President of Customer Operations at Blue Box, in this SYS-CON.tv interview at DevOps Summit, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
"People are a lot more knowledgeable about APIs now. There are two types of people who work with APIs - IT people who want to use APIs for something internal and the product managers who want to do something outside APIs for people to connect to them," explained Roberto Medrano, Executive Vice President at SOA Software, in this SYS-CON.tv interview at Cloud Expo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
An entirely new security model is needed for the Internet of Things, or is it? Can we save some old and tested controls for this new and different environment? In his session at @ThingsExpo, New York's at the Javits Center, Davi Ottenheimer, EMC Senior Director of Trust, reviewed hands-on lessons with IoT devices and reveal a new risk balance you might not expect. Davi Ottenheimer, EMC Senior Director of Trust, has more than nineteen years' experience managing global security operations and asse...
Performance is the intersection of power, agility, control, and choice. If you value performance, and more specifically consistent performance, you need to look beyond simple virtualized compute. Many factors need to be considered to create a truly performant environment. In his General Session at 15th Cloud Expo, Harold Hannon, Sr. Software Architect at SoftLayer, discussed how to take advantage of a multitude of compute options and platform features to make cloud the cornerstone of your onlin...