Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Security challenges in Malaysia’s retail industry: interview

AvantiKumar | Oct. 18, 2013
As the retail industry is one of the top three sectors to be targetted by cyber criminals, the Malaysian retail industry needs to take a less traditional approach to securing its IT, says Fortinet's Eric Chan.

Multi-threat security systems - Protecting against malware attacks that are equipped with advanced malicious threat technologies requires much stronger threat prevention techniques than those just looking for static viruses that match a signature. It requires an intelligence-based structure that aggregates and correlates information from a variety of unified threat management sources.

High performance for excellent customer experience - With the increasing number of endpoints, applications and higher volumes of data, each in-store network must provide high-performance for continuous credit card processing and point of sale connectivity to maximise the customer experience and interaction. In order to maintain high throughput and reliability, the increasingly complex in-store network must have security solutions that don't create any performance bottlenecks as they inspect and filter traffic for threats and malware. High performance and low latency of traffic flows is especially important during peak transaction periods.

In-depth defence for the in-store wireless LAN - Recently publicised data breaches in the retail industry have exploited vulnerabilities in store wireless networks. Attackers have been able to access sensitive applications regardless of security systems, such as firewalls and VPNs, back to head office or security measures in data centres.

It is no longer staff, auditors and training contractors who visit stores and need to use their laptops or tablets to access corporate systems and data. In-store reps are also being provided with wireless tablets to increase interactivity with customers, while some retailers are looking to differentiate services with wireless kiosks, flexible wireless digital signage and customer access through their own devices. All this increases the security management headache with escalating endpoint and wireless security.

Adopting innovative in-store services - New applications and devices designed for multi-channel retailing in-store are promising to increase retail operations efficiency and drive revenue and customer loyalty. But if these advanced technologies need to be provided with security in mind, they also make the retail environment more vulnerable to threats. Support of cutting edge customer applications will become commonplace in the next five years - such as augmented reality applications used as customers move through the store and/or in-store Wi-Fi access to online systems and loyalty schemes.

PCI-DSS Compliance Support - With in-store networks carrying credit card transactions, PCI compliance requirements must be satisfied. Security monitoring and rogue detection are explicit requirements in the PCI standard, so it is imperative that Malaysian retailers are able to analyse user and device behaviour on the in-store network and respond to any threat. Event logging, analysis and reporting capabilities are essential to enable firms to demonstrate compliance with PCI-DSS and other regulations.

How can retailers mitigate risk to their business and prevent financial and reputation damage created by a data breach or lengthy system downtime?

The retail industry is fast becoming a major target for cyber criminals. Hence, securing the retail store network environment has never been more important than it is today. For retailers with stores throughout Malaysia, secure network connectivity linking all sites to the head office is critical to business operating processes.

Retailers need cost-effective network security solutions in their stores to mitigate risk to their business and prevent the financial and reputational damage created by a data breach or lengthy system downtime.

More importantly, they need to define a security strategy that address the key pillars of their distributed environment and ensure that their security infrastructure is not only robust, but scalable, easy to manage and cost-effective from kiosk to superstore.

Fortinet's next generation security systems enable retailers to secure multiple, geographically dispersed sites, systems and critical applications, such as inventory control and point-of-sale (POS). These next-generation security devices and virtual appliances are purpose-built to provide rapid deployment of essential advanced security technologies, along with the flexibility to scale with remote sites and growth plans.

To summarise: how can Malaysian retailers deploy and manage comprehensive security in a cost-effective manner?

Local retailers need a security solution that is scalable, cost-effective and easy to manage, which supports the growth of new applications and wireless networking in-store, without affecting the end-user experience, increasing deployment costs or growing staff burdens.

For example, with a Fortinet Unified Threat Management security solution, a retail organisation with hundreds of stores can quickly deploy and operate comprehensive high performance security solutions to all endpoints for a fraction of the costs of traditional solutions and stand-alone appliances.

The scalability of a network security solution must support the evolution and growth of a retailer's IT and network infrastructure, so that they can easily and cost-effectively add network security functions on an as-needed basis.

Retailers can then easily deploy and centrally manage security appliances throughout the distributed network from kiosk to superstore. This helps support multi-channel operations and innovative services such as customer access, as well as provide a high security posture and the tools to maintain compliance with PCI-DSS.


Previous Page  1  2 

Sign up for MIS Asia eNewsletters.