How to Create a Highly-Secure Retail Device Environment
Customer’s retail behaviors have evolved rapidly since the beginning of 2020 – McKinsey described this forward leap as “a decade [of change] in days.” As a result, retailers have had to drive mobile transformation at lightning speed, rapidly adopting Android edge devices for mission-critical use cases such as self-serve checkout, contactless payments, inventory management, and more. Eighty-seven percent of retailers believe smart edge devices are critical to the success of the business.
But, there’s evidence that many retailers struggle to scale security and compliance to the Android edge. Forty-five percent of product teams admit they cut corners on basic protections, according to the 2021 Verizon Mobile Security Index (MSI), even though many know that mobile threats are on the rise.
Retail is a highly targeted industry for data breaches. Threat actors are more likely to target retail than other industries, and 99 percent of attacks are financially-motivated attempts to steal payment card data or personally-identifiable information (PII). Retailers must adopt new approaches to how Android edge devices are deployed and managed in order to scale security to mission-critical edge device fleets.
Android Edge Security Best Practices for Retailers
The retail industry has always faced many challenges to adopting adequate edge device security. Some of these challenges aren’t new. Devices are typically remote from the product operations team at retail headquarters and usually operate in a high-turnover branch environment. The voluntary turnover rate for retail employees in 2020 was 30.7 percent, creating significant challenges to retention.
Retail organizations are struggling to remotely support a new infrastructure of edge devices, applications, and services that are sprawled over remote branch locations and networks.
Last year, 23 percent of organizations experienced a mobile security incident. Mobile risks to retailers have grown in volume and pervasiveness over the past few years. Luckily, it’s possible to adopt a reliable, repeatable, and robust approach to edge security controls. Security can scale when it’s baked into the deployment and management process.
Secure Retail Edge Devices Against Human Risk
Humans are among the most significant security threats in retail and any other industries. And behavior played a role in virtually half of data breaches last year. Retailers must guard against all forms of human risk that can compromise edge devices – including human errors, device misuse, and theft by retail employees and customers.
Protecting against human risk starts with secure configurations for Android edge devices.
From the moment they’re deployed at a retail branch location, devices should be restricted to their specific use case to mitigate the risk of misuse. Secure configuration should include:
- Locking devices to run authorized Android kiosk mode apps in full-screen mode.
- Limiting user access to device settings and factory resets.
- Closing off unneeded hardware features such as USB ports and the camera.
- Limiting how and when software is deployed to the device.
- Setting geofence restrictions to wipe or lock devices taken off-site.
- Active monitoring of hardware, system, and applications.
Secure device configurations enforce acceptable use policy to mitigate the risks associated with misuse by branch employees or customers.
To learn more, we recommend Developing a Retail Device Fleet Strategy: Best Practices to Secure Your Retail Devices.
Network Security for Retail Device Fleets
Insecure networks are a major factor in edge device security risks. For example, a public WiFi network at a retail branch location can expose devices and apps to man-in-the-middle (MiTM) attacks.
Retailers must re-architect their branch networks into smaller segments to isolate their mission-critical Android devices and sensitive data, granting access based on the principle of least privilege.
Network segmentation is a compliance requirement for Android mPoS and a best practice for any edge device that’s used to capture PII.
Retailers need to “shift left” and consider network security earlier in the Android development and operations process. Enforcing network security should begin in the provisioning phase by limiting a device’s ability to connect with public WiFi or shared networks and ensuring that sensitive data transmissions take place behind a VPN or PCI-validated point-to-point encryption.
Esper is not a PCI DSS Qualified Security Assessor, but we’ve helped many customers achieve PCI-compliant fleets of Android mobile point-of-sale within a shared responsibility model.
Consistent, Early OS Updates for Retail Devices
Shockingly, studies show that 30 percent of organizations believe their single-purpose edge devices aren’t interesting to hackers. There’s no data to support this myth, especially in the retail industry. Single-purpose devices are a major target for financially-motivated threat actors.
Retailers must understand that their Android edge devices are a target and take appropriate steps to make sure their devices receive security updates early and often.
Ninety-three percent of enterprise-owned Android have unpatched vulnerabilities. This means that enterprise-owned Android are more than twice as likely as consumer-owned Android to be running an outdated OS. Traditional approaches to Android updates simply don’t scale to high-volume, remote use cases without manual intervention. And, retail devices often have a 5-year lifecycle, meaning devices have often reached end-of-life for manufacturer updates.
Missing a single device update can put retail devices and systems at far greater risk of compromise, especially when you consider that malware and system compromise are the most common attack patterns in this industry. Retailers need a single pane of glass to apply updates with predictable results, including:
- A DevOps pipeline approach to roll updates forward and back.
- OS migration with update support for Android x86 and other devices that have reached end-of-life.
- A centralized, cloud-based portal to unify updates across use cases and device manufacturers.
It’s Possible to Scale Retail Android Security to the Edge
Security and compliance can be a significant burden for retailers. Luckily, it’s possible to scale security controls to the Android edge with limited resources. To manage risks with limited technical staff, retailers must look toward developing a high degree of automation, the capacity for zero-touch deployment and updates, and gain a single pane of glass view into the fleet.
Shifting to Android DevOps and adopting a platform can drive automation and efficiency throughout the device lifecycle. A DevOps approach can enable retailers to enforce edge security and compliance as part of a unified set of requirements for deployment and management. And, with a single platform for securing the device lifecycle, it also becomes much simpler to automate real-time security response and prove continual compliance.