Analyzing Security for Retailers An analysis of what retailers can do to improve their network security

Transcription

1 Analyzing Security for Retailers An analysis of what retailers can do to improve their network security Clone Systems Business Security Intelligence Properly Secure Every Business Network

2 Executive Summary This white paper introduces the challenges retailers face as open access for employees increases and as interactive customer management systems become more global and demanding. Retail IT security challenges include protecting trade secrets, enhancing internal operations, and protecting customers privacy, while ensuring customers have a seamless experience across all purchasing channels. This paper introduces how a managed security service provider (MSSP), such as Clone Systems, can help your organization design and implement security and privacy measures that support successful customer engagement and protect the privacy of your proprietary and customer data. Analyzing Security for Retailers 2

3 Understanding Retailers Security Challenges Customers now expect purchases and exchanges to be available anytime and anywhere. As a result, the retail landscape is changing quickly and dramatically. Online shopping is increasing, as retailers of all types and sizes expand product offerings and add new services. Retailers must ensure they have security in place to support these new services. Retailers are striving to do more with fewer people and fewer resources. Implementing a robust security system provides a way to reduce costs, drive sales, improve customer satisfaction, and improve security. But cost-consciousness demands that retailers invest in solutions that employees and customers will actually use. Small and medium businesses often lack time and personnel to proactively focus on security. Management may be more concerned about compliance than with a long-term strategy. Smaller organizations may also find they lack employees with the skills to maintain adequate security. Retailers must take steps to protect themselves and their customers from attacks. Retailers can take the following measures: Implement a robust intrusion prevention solution (IPS). IPS defends networks against SQL injection attacks, web exploit kits, and downloader Trojans. Retailers should implement an IPS that can detect and block current and emerging cyber-attacks. Implement a web application firewall. Firewalls prevent web applications from infiltration. Retailers should employ a security expert to continually maintain and monitor firewalls. Monitor servers and security devices 24x7x365. Retailers should monitor servers and security devices, such as firewalls, IDS/IPS, and host antivirus, at all times to identify and fix security issues. Apply timely and actionable intelligence. Retailers should always have current, actionable intelligence about the latest threats and the IP addresses associated with them. This information allows the security team to spot any infection inside the network. Perform regular vulnerability scans and penetration tests. Vulnerability scans and network penetration tests can help retailers identify issues and improve their security, especially when defending against web attacks. But threats don t always come from external sources; often, data leaks can originate from employees, through intentional theft, lost or stolen devices, or accidental exposure. Firms that do not adequately address security issues may face fines, serious damage to their brand, and steep financial losses. Retailers who do not invest in their security provisions may find that the short-term savings are not worth the potential for huge losses should a breach occur. Cyber-security typically isn t a core competency for retailers. Savvy retailers frequently find that by partnering with an experienced service provider that they can protect themselves against current, emerging, and persistent threats. Retailers need to be constantly vigilant and aware of threats and how they might impact their business and have a plan to address them. Analyzing Security for Retailers 3

4 Choosing a Managed Security Service Provider The retail industry requires an end-to-end risk management process that can assess retail data systems and their IT infrastructure; determine necessary controls; and ensure compliance. An effective security management process for retailers will Target specific areas of risk Implement focused security controls for those areas Automate the monitoring and measurement of controls Before you purchase an MSSP, you need to do a thorough security and risk assessment. You ll need experienced information security personnel to perform a gap assessment that includes: Cataloging assets of your organization s production environment. Identifying the vulnerabilities or potential threats to each resource. Mitigating or eliminating the most serious vulnerabilities. Identifying and reducing IT risks. Once you have done the gap assessment, you can begin researching the right MSSP for your organization. How to identify the right MSSP An MSSP provider should: Monitor large amounts of data Be a certified scanning vendor Offer a managed IDS/IPS solution Offer a log management system that can correlate a variety of data sources Provide a centralized incident response system located at a secure operations center (SOC) Have a fully staffed, 24/7 operation with experienced information security personnel Be able to perform a gap assessment that includes o Monitoring and analyzing both user and system activities o Analyzing system configurations and vulnerabilities o Assessing system and file integrity o Finding patterns typical of attacks o Analyzing abnormal activity patterns o Tracking user policy violations; integrated change management processes; log analysis, file-integrity checking, policy monitoring, rootkit detection, and real-time alerting. Analyzing Security for Retailers 4

5 Key challenges and solutions The following table shows challenges retailers face and the solutions that can alleviate those challenges. Challenge Analyze exposure to internal and external data breaches. Assess risk of information lost across networks, web applications, storage, and endpoints. Discover, monitor, and protect confidential information. Demonstrate compliance with HIPAA, PCI, and state privacy laws. Encrypt data on desktops, laptops, and disks. Protect endpoints from malware and threats (antivirus, antispyware, firewall, intrusion prevention, and device and application control). Lock configuration settings and file systems. Control how removable media is used. Prepare for compliance audits. Automate policy management and check technical and procedural controls. Track and monitor security incidents. Solutions Clone Guard Scanning and Vulnerability Services Clone Guard Penetration Testing Clone Guard Scanning and Vulnerability Services Clone Guard Monitoring Services Clone Guard Managed Security Services (firewall, routers, switches, intrusion prevention, and load balancers) Clone-Guard Managed Services Analyzing Security for Retailers 5

6 Why Clone Systems Clone Systems advocates an end-to-end risk management approach to help ensure security and privacy for your retail organization. This approach allows Clone Systems to identify risks and find inefficiencies in your system. Clone can leverage existing infrastructure and integrate new products to automate security and ensure compliance. Clone focuses on a risk management process that Assesses information exposure and vulnerabilities Implements security controls Ensures your network is always compliant with industry standards By using Clone Systems as your MSSP, you can ensure that your network is always secure and that your proprietary and customer data is safe. Analyzing Security for Retailers 6