Skip to main content Navigation

Sales Strategy

Hackers! Should You Be Worried? |  September 16, 2015 (1 comment)

AndieWeinman.jpg

Miami, FL—Hollywood stars and starlets are personally being hacked. Target, Neiman Marcus and other high-end stores have been added to the list and the amount of stolen credit cards and identity theft has been increasing every year. Ever since seeing that movie with Sandra Bullock, I buy absolutely nothing on line for fear of identity theft.  Now I am definitely the minority. My husband Joe will do anything not to go into a store. All he does, is purchase on line. If it’s for me, we use his card. That is how paranoid I am.

So, I started to think about my independent retailers out there, started to do some research and this is what I came up with, a list of the top 10 security tips.  I know it’s early but Thanksgiving and Christmas are right around the corner.  Be proactive and start early so no one can steal your Holiday cheer.

1. Go into lockdown. Between Thanksgiving and 2 weeks after New Year’s Eve is fraught with security threats. At the same time, web site requests and network activity is at its highest. Do not make any significant changes to IT systems before the holidays. This is when you should focus on establishing a stable, secure network and base line, should a breach occur.

2. Batten down store networks. Traffic moving between stores and between headquarters and stores is commonly overlooked in retail environments. Especially during holiday season, network traffic showed to be closely maintained for activity that might characterize a security incident. Consider blocking all non-essential store-to-store and store to headquarter traffic.

3. Know your data. You must know what data is vital to your business, where the data is stored, where it flows and who has access. At this time of year retailers need to know their data intimately. It is virtually impossible to protect data if a business does not know where it exists or where it resides.

4. Unnecessary data retention is a major trap for retailers. Sensitive data such as consumer and identity related information are a goldmine (no pun intended) for data thieves and can become a retailer’s greatest exposure. Retailers should inventory all desktop and servers for sensitive data.  You need to evaluate where and how long data is stored, and whether you really need to keep that data. Ask if it is essential to your business. Unnecessary sensitive data should be purged: get rid of it!

5. Be careful with third-party interactions. While interaction with business partners is part of everyday business, they can also expose you to heightened risk. To enhance security within third party interactions, retailers should only allow third parties to connect with their network with specific approval. They should require unique ID’s and use two means of authentication, such as a user name/password.  

6. Pay attention to areas of known vulnerability. Hackers often use in-store wireless access points as entry into retail networks. These areas are easily exploited.  Before the holiday lockdown, ensure wireless networks are secured and encrypted.  Wireless networks should be isolated from other in-store IT Systems. Also, scan store-level networks for the presence of unknown devices. This is an effectual way to identify a security breach before it becomes a major problem.

7. Use strong access control. Weak user names and passwords can lead to trouble. Each user accessing a retailers system especially an employee must use a unique ID and a strong password.

8. Scan, scan, scan! Retailers should scan store networks regularly for unknown devices, especially those that use wireless networks.  Wireless is easier for Hackers to manipulate.  Retailers also need to monitor systems for evidence of unauthorized access. Retailers need to implement regular scanning with network and application testing.

9. Maintain accountability. Keep your thumb on the pulse of what is happening in your networks, especially at store level. Closely monitor system logs. Be prepared to reconstruct security events at any point in time, going as far back as 6 months. Pay careful attention to vendors and other third parties that have access to sensitive data. When it comes to security there is no silver bullet.

10. Respond Quickly. Respond swiftly and decisively to a security incident before it can become a full-fledged breach. Have a thorough incident response plan in place. As you all know, breaches are expensive and can impact revenue, tarnish company perception and expose and alienate customers. With careful planning, attention to detail and prompt follow up to security concerns, retailers can remain confident that holiday sales will end up benefitting their bottom line, not lining the pockets of a data thief.

Like I said before, this is one of my biggest fears, whether it be personal or through our businesses. This article touches on quite a few good points that retailers should be aware of to avoid being hacked during the holiday season. I think it’s important to understand what to do before the fourth quarter hits. Do your research, this is an ongoing problem that I want none of us to experience.

Andie Weinman, president and CEO of Preferred Jewelers International / Continental Buying Group Inc., was born with the “Jewelry Gene” working in the jewelry industry since she was only ten years old. Her first job was as a cashier in the opening of a catalog showroom doing a fantastic job even at that tender age. Andie holds a B.A. in musical theatre and a B.S. in marine biology from The University of Tampa. When she realized that seawater and marine biology were not good on her hair and she wasn’t quite good enough to make it on Broadway, the jewelry business beckoned. Andie has picked diamonds, sorted color stones, shot waxes and performed a multitude of jobs in the manufacturing of jewelry.  Her negotiating experience and prowess has given her the reputation as being tough but fair in her dealings with vendors. In 2012 the Indian Diamond and Color Association awarded Andie the Prestigious Doyenne Award of the Year.

Share This:

Comments (1):

We also do everything on line- I mean almost everything! Great article Andie!!! -

By Michael Pucci on Sep 18th, 2015 at 2:29pm

Leave a Comment:

Human Check