“If you really want to do something, you’ll find a way. If you don’t, you’ll find an excuse.”
P.F. Chang’s Investigates Possible Breach of Customer Credit Cards
Survey respondents praise, but neglect, continuous monitoring
- Ensure your organization has Firewalls/Intrusion Prevention Solutions in place that is capable of block incoming attempts from bad reputation IP addresses from countries on the watch list.
- Verify your security appliances are reporting to a Security Information and Event Management tool (SIEM) that correlates events and displays intelligible information to security analysts.
- Validate your organization has an efficient Security Operations Center (SOC) of which trained analysts are trained to alert on potential malicious events or malicious sources.
- Verify your company has an effective and enforced data classification standard which requires data owners to seriously assess data sensitivity and requires data custodians to properly secure the information to need-to-know only basis.
- Ensure your organization has a solid data storage policy which requires confidential data to be stored in secure, encrypted locations
- Perform periodic access reviews for data stores and applications housing highly classified or confidential information to ensure appropriate access is enforced. Any users or groups who are discovered to have access and don’t have a need to have access should be immediately removed.
- Confirm network segmentation in your environment so that only required devices are able to access networks where highly classified or confidential data resides.
Ponemon Institute SQL Injection Threat Study
Small businesses running cloud-based POS software hit with unique ‘POSCLOUD’ malware
- Perform a risk analysis for utilizing cloud based services. Understand your limitations of using the cloud including
- Not having have total control
- Having your data protected by someone else
- Having your security managed by someone else
- Not having information about the cloud providers infrastructure
- As a result, Ensure your legal department has a strong SLA and breach accountability agreement with the cloud provider in case critical company or customer data is compromised
- Use Strong password for Terminal log in accounts and change them regularly
- Keep POS operating systems and POS Software Applications updated with the latest patches:
- Install a Firewall
- Ensure a solid Antivirus solution is running on the PoS terminals
- Ensure your company is using a web content filtering solution to prevent user from accessing malicious websites.
- Validate the web content filtering solution is up to date with the latest stable version with the latest site signature updates
- Disallow Remote Access so that attackers cannot remotely access terminals
- Encrypt traffic between terminals, servers and payment card processor
IntelCrawler Cloud-Based POS Software – “New Target for Hackers?”
US-CERT Common Risks of Using Business Apps in the Cloud