We are using a LAN-based POS (point-of-sale) system with an SSL feature on our network. How can we securely connect...
remote point-of-sale devices to our network?
Provided you have your devices configured to use strong encryption to protect the SSL traffic (AES 256-bit encryption is a great choice), you probably don't need anything else to ensure the confidentiality of transaction data. That is assuming, of course, that you've already applied other security best practices to both the local and remote networks and use firewalls, antivirus software and other standard controls.
That said, I'm never comfortable relying upon a single control. You'd probably sleep better at night if you had the added benefits of a virtual private network (VPN). If both ends of the connection are already protected by hardware firewalls, it's likely that you can configure a VPN tunnel between the two sites using the equipment you already have. If you're not already using firewalls, go get them! There's no excuse for not having this basic security control.
One other word of caution: If you process credit card transactions on these devices, you'll also need to comply with the Payment Card Industry Data Security Standard (PCI DSS). This is no trivial undertaking, and you may wish to consult the PCI DSS materials elsewhere on this site.
For more information
Get more information on the top LAN security issues in a client-server network environment.
Learn how to implement PCI network segmentation in this expert response.
Related Q&A from Mike Chapple, Enterprise Compliance
The HHS security risk assessment tool is designed to help healthcare providers meet the HIPAA security requirement. Expert Mike Chapple explains how ...continue reading
PCI DSS requirement 6.6 demands application security compliance through one of two options: an application firewall or a code review. Expert Mike ...continue reading
Are HIPAA-compliant hosting services a better option for compliance than a secure storage API? Expert Mike Chapple analyzes.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.