7 Best Practices to Secure Android Retail Devices
Global retail sales are projected to reach $28 trillion by 2020 and retailers are finding ways to grow their customer spending to take advantage of this demand. It’s evident that consumers hold the power of shopping means and retailers are building omni-channel experience to deliver and capitalize on the opportunity. To drive this trend, the market is getting more sophisticated with new innovations delivered in a competitive environment to give the best experience possible.
For example, A GPShopper report suggested that more than two-thirds of 1,300 shoppers surveyed said they planned to use BOPIS (Buy online, pickup in-store) services for holiday shopping needs. Companies like Petco and rue21 have implemented technology to take advantage of this trend. Another retail giant Walmart is all set to give the BOPIS experience to its consumers across 500 stores in a competitive response to Amazon.
Retail Security Vulnerabilities You Should Consider
As retailers take advantage of in-store experiences like digital signages, AR and VR screens, kiosks, mobile, cloud, social and other enabling technology trends as the number of connected devices that shoppers and stakeholders are using is on the rise. This opens the door to security vulnerabilities, and retailers need to manage and secure their device fleet to achieve full operational efficiency, protect assets, and preserve peace of mind.
An integrated security approach with a network that can handle threats, high volumes of data, and efficient connectivity must be in place to mitigate risks. Because unlike physical security breaches, digital threats are carried out through cyber break-ins like:
- Card Skimming
- Customer data breaches
- Website hacking
- Secret taps in your network
For example Neiman Marcus in 2014 lost 350,000 payment cards data through a malware implant, while P.F. Chang’s China Bistro customer data was exposed at 33 of its restaurants in 2014 through a targeted attack on their POS. Complexity increases with every new customer, business alliance or new staff as the network is extended and potentially becomes more porous. A large retail customer database with inadequate security is an invitation for a cyber-attack.
This calls for establishing an IT governance program that integrates people, processes and technology. The best way to protect yourself against digital threats is to ensure that the hardware and software you’re using are compliant and up-to-date with the latest security standards.
7 Best Practices to Secure Your Retail Devices
- Ensure All Device Software is Known & Trusted
Regular compliance checks and updates are critical for ensuring that all software is free of malicious code or malware that can infiltrate the enterprise infrastructure.
- Restrict Internet Access
Restricted internet access for IT staff on enterprise devices should be limited to domains they absolutely need to function. By restricting inbound and outbound internet connections, the surface area is reduced for a potential attack. This also improves the ability to detect when malware is present on devices.
- Use an Antivirus and/or Monitoring
Sophisticated enterprises need security software to protect hardware, emails, cloud environment, IP information, and data. What is required today is complete endpoint protection that scans your software to remove problematic files and apps, and sends alerts when malware is found.
- Keep Software Up-to-Date
Most successful computer attacks exploit well-known vulnerabilities, for which patches exist. All device software must be updated regularly to install the latest security updates. Without timely updates, enterprises are at risk of a hack.
- Lock Your System
Devices must have a strict lockdown policy to reduce vulnerabilities and prevent corporate hacks. Important as well is the remote wipe feature in case the device is lost or stolen. This helps to protect company assets and reduce the risk of a data breach.
- Use Encryption
Encryption uses an algorithm to scramble data and then applies a key for the receiving party to unscramble the data. Adding encryption makes it very difficult for hackers to gain access to important files in case of a data breach.
- Stay PCI Compliant
If your business accepts credit cards then compliance to PCI DSS (Payment Card Industry Data Security Standard) must be kept up-to- date. In the event of a data breach, lack of PCI compliance could result in steep fines by the PCI Security Standards Council.
To learn how to develop a complete retail device strategy and secure your retail devices, download our ebook to help you gain key insights. It is important that you start today, because every minute of Internet downtime costs retailers an average of $4,700, this means maintaining your computing environment around-the-clock is the key. Time to tighten your application and device security.
At Esper, we offer an intuitive cloud-based connected device platform for managing all of your Android devices seamlessly and securely. Whether that happens to be a kiosk, POS, or smartphone know that your assets are safe and secure. We also joined the API economy and as a developer-focused community, we’re passionate about changing the way retailers manage and provision their apps to create secure, seamless customer experiences.
Get in touch with us to find out more about how Esper can help with retail device management.