TJ Maxx is recognized as the largest off‐price clothing retailer in the United States. Unfortunately, they’re also known for the biggest credit‐card theft incident in history. It is estimated that the company lost at least 45 million credit and debit card numbers because of weak security systems in at least one of their retail stores. The 2005 security breach resulted in a large number of fraudulent transactions, as well as a loss of customers and a huge cut in sales.
While no retailer ever wants to experience a TJ Maxx-level security breach, as long as computers and Internet services are used to conduct business transactions, security and fraud will continue to be a major concern. Unfortunately, there’s no perfect POS security solution, but there are several retail best practices that can be incorporated to protect your networks and data, suggests Point of Sale News. We’ve integrated some of their tips with information about security measures for software vs. cloud-based POS systems below:
Keep Your POS Software Up-to-date
If you have a software-based POS, your updates will often come with essential security patches that, when installed, protect your POS system from malware and other cyber attacks that can make your data vulnerable. If you neglect to install updates on time and cybercriminals find a hole in your security, they can delete files, hold your computer hostage, or even crash it. A regular habit of installing updates will ensure that your POS hardware and networks are continuously protected.
With cloud-based POS systems, your applications are automatically updated by your service provider, so you needn’t worry about manually downloading and installing updates. POS systems, like the Rain POS platform, are updated frequently enough that cybercriminals have little time to poke holes in security defenses before another update occurs, reducing potential security risks.
If you don’t have the time or desire to manage your own security or data backup, committing to a monthly subscription fee for a cloud-based POS platform is a small price to pay for convenience and peace of mind.
Firewalls and Anti-virus Software Will Help Protect POS Networks
Because your POS software is always at risk of being compromised by hackers, viruses, and other malware, it’s a good idea to install firewall and anti-virus applications for added protection. While this is no guarantee of a bulletproof POS system, it’s still an important component in keeping POS hardware and networks more secure. IT resources may be required to help install and maintain data security, which is managed in-house.
Data security for cloud-based POS systems is generally maintained by the service provider. With Rain POS, for example, secure off-site servers handle the hosting for the integrated POS system, so there’s no need to call in the IT department to help set up security controls. Customers simply sign up and start using the web-based POS platform. As an added security benefit, no credit card data is stored on Rain POS, giving hackers little incentive to compromise the system.
Do you have a solid internet connection? If so, a cloud-based POS system may be a good option for your business. The software virtually takes care of itself, without the demands of IT resources, and security is maintained off-site by the service provider.
Deny Internet Access for Software-based POS Stations and Terminals
Restricting POS computers and terminals from accessing the Internet will protect them from exposure to viruses and other malware threats. Software-based POS systems should only be connected to the Internet for necessary activities and transactions, not general online usage. All it takes is one click on a malware-infected site by a single employee’s device to wreak havoc on the whole business.
If you’re using a cloud-based POS platform, you’ll always be connected to the Internet, but there are still safety measures you can take. Before you sign up for this type of service, inquire about the security of the servers your provider uses. POS systems, like Rain, use the most reliable servers available, designed to meet the requirements of security-sensitive organizations. Additionally, you’ll want to find out how credit card data is handled. Ideally, credit card information will never touch your POS system. Instead, the encrypted credit card transactions should be processed through a secure gateway and sent directly to your banking institution.
Establish Strong Security Permissions & Passwords
Installers of POS systems have a tendency to use default passwords when setting up online payment processing software for merchants. While using default passwords might simplify things for the installers, they are less secure and fairly easy for criminals to obtain. It is recommended that new POS system owners use complex, computer-generated passwords, along with unique account names. It’s also a good idea to make a habit of changing out passwords on a regular basis.
Be sure to set up designated user and group settings to determine how your team members will be able to use your POS system. Rain POS allows you to create unique user groups with special permissions to areas of the system they are authorized to access and edit. Because the system is integrated with your website, you can also restrict employee access to the website, while allowing them to use the POS.
Software and cloud-based POS systems offer different advantages when it comes to security solutions. With software POS systems, you won’t require a high-speed internet connection, but you’ll be responsible for managing security in-house, which may require special IT resources. If you go with a cloud-based POS system, you’ll have to pay a subscription fee for hosting services, but data security will be maintained by your service provider, with minimal IT and hardware requirements.
Either way, Point of Sale News recommends that you educate employees on how to properly use your POS system, as well as how to watch out for possible security breaches.
While employing all the safety measures mentioned in this article still won’t guarantee the complete security of your POS system, it’s far less likely to be attacked by cyber-criminals.
Also published on Medium.