Business safety lessons from Target, Home Depot hacks
One of the lessons we are learning from the giant Target and Home Depot payment-card hacks is that the same network that creates efficiencies for a business may also create unforeseen vulnerabilities.
Both Home Depot and Target revealed that the criminals who stole customer credit card data broke into the retailers’ systems by infiltrating the networks of vendors. Businesses large and small should be reviewing how their systems and devices work together, now that we know a hacker stole millions of credit card numbers from Target by first breaking into a heating, ventilation and air conditioning (HVAC) services company’s computers.
We are learning that all it takes is one device to become infected or infiltrated by hackers to expose a business’s entire network and put its customers at risk. In the wake of the Home Depot and Target breaches, here are 5 questions I would be asking if I operated a business:
1) How do you secure the front-of-the-house computer environment? Businesses should consider how their networks are configured so that devices with customer data, such as cash registers and credit card readers, are segregated from other computers and networks. Outsiders, such as vendors and contractors, should not have access to those front-of-the-house devices or to any others that contain sensitive information.
2) How good is your physical security? With more and more employees working on laptops, tablets, and smartphones, the risk is higher for theft or loss of equipment. I’ve heard of criminals stealing a company’s devices and replacing them with their own to steal customer information without the company realizing it. Businesses can reduce this risk by having a strong inventory control program to account for all the devices on the network and ensure they are used only by authorized employees.
3) Are you monitoring vendors and contractors on your network? Home Depot’s and Target’s massive breaches began with contractors’ compromised systems. A thorough monitoring process may reduce the risks of fraud by helping a business spot suspicious activity on its network before information is stolen or secure areas are breached.
4) Can you block or remove a suspicious device or user from your network? Every business should have written processes and procedures to be able to react quickly to a threat or suspicious activity on its network. These procedures should include steps to disable or remove a device from the system if it is believed to be infected or connecting to areas of the network that it does not usually touch.
5) What’s your recovery plan? Businesses often overlook the vital question of how they will do business if their system is compromised. Protecting against cyber-threats is one thing, and having a backup system so your business can continue to function in the event of a breach is another. If your card readers or cash registers are hacked, you’ll need a backup procedure to continue to conduct business.
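Questions 1, 3 and 4 above come together in practice as a written segmentation policy, a check of network activity against it, and a concrete list of devices to isolate. The script below is an added example, not code from the article or from either retailer: it assumes a constructed cardholder (front-of-house) segment, a single allowed management subnet, a vendor segment, and a handful of constructed firewall flow records, and it reports which flows reached the cardholder segment from a source the policy does not permit and which devices should be quarantined under the response procedure.

```python
"""
Added example (not from the article): a small segmentation monitor that checks
firewall flow records against a written policy for the cardholder segment and
lists the devices to isolate. Every subnet, timestamp and log line below is
constructed for illustration.
"""
import ipaddress
from dataclasses import dataclass

# Constructed policy (assumption): only the POS management subnet may initiate
# connections into the cardholder segment; vendors and contractors never may.
CARDHOLDER_SEGMENT = ipaddress.ip_network("10.10.0.0/24")   # registers, card readers
ALLOWED_SOURCES = [ipaddress.ip_network("10.20.0.0/28")]    # POS management hosts
VENDOR_SEGMENT = ipaddress.ip_network("10.30.0.0/24")       # vendor / contractor access

# Constructed flow log, one record per line: "timestamp src_ip dst_ip dst_port action"
SAMPLE_FLOWS = """\
2014-09-10T02:14:07Z 10.20.0.5 10.10.0.21 445 ALLOW
2014-09-10T02:15:11Z 10.30.0.14 10.10.0.21 3389 ALLOW
2014-09-10T02:15:12Z 10.30.0.14 10.10.0.22 445 ALLOW
2014-09-10T02:16:40Z 10.40.0.7 10.30.0.14 443 ALLOW
2014-09-10T02:17:03Z 10.30.0.9 10.10.0.30 22 DENY
"""


@dataclass(frozen=True)
class Flow:
    ts: str
    src: ipaddress.IPv4Address
    dst: ipaddress.IPv4Address
    dport: int
    action: str


def parse_flows(text):
    """Parse the whitespace-separated flow format used in SAMPLE_FLOWS."""
    flows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, src, dst, dport, action = line.split()
        flows.append(Flow(ts, ipaddress.ip_address(src),
                          ipaddress.ip_address(dst), int(dport), action))
    return flows


def violations(flows):
    """Flows that reached the cardholder segment from a source the policy does
    not allow. Only ALLOW records count: a DENY means the firewall already
    enforced the policy, so it is noise for this check."""
    out = []
    for f in flows:
        if f.dst not in CARDHOLDER_SEGMENT or f.action != "ALLOW":
            continue
        if not any(f.src in net for net in ALLOWED_SOURCES):
            out.append(f)
    return out


def quarantine_list(flows):
    """Distinct offending source addresses: the concrete list of devices the
    written response procedure (question 4) says to disable or remove."""
    return sorted({str(f.src) for f in violations(flows)})


def is_vendor_host(addr):
    """True when the address belongs to the vendor/contractor segment, which
    is the case the Target and Home Depot breaches make worth flagging first."""
    return ipaddress.ip_address(addr) in VENDOR_SEGMENT


if __name__ == "__main__":
    records = parse_flows(SAMPLE_FLOWS)
    for v in violations(records):
        tag = "VENDOR" if is_vendor_host(v.src) else "OTHER"
        print(f"{v.ts} {v.src} -> {v.dst}:{v.dport} crossed into cardholder segment [{tag}]")
    print("quarantine:", quarantine_list(records))
```

The policy is deliberately an allow-list of sources rather than a deny-list of known-bad vendor addresses: a contractor's compromised machine looks like any other vendor host, so the question the monitor asks is "was this source ever permitted in the cardholder segment at all?", which is also the question the written procedure needs answered before a device is pulled from the network.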
Sometimes it may feel like an impossible task to defend against cybercriminals. There is no fail-safe system to protect against hackers, but businesses can at least take steps to help reduce the risks.