BACKGROUND IMAGE: iSTOCK/GETTY IMAGES
Windows XP end-of-life means POS security, and PCI compliance issues
Windows XP end-of-life may make PCI compliance difficult for merchants who don't solve the security weaknesses of XP-based POS systems. Read Now
Starting in 2013, attacks on the point-of-sale systems of major retailers like Staples, Target and Neiman-Marcus made us painfully aware of the threat that POS malware poses. Retailers like these held caches of immensely valuable data, including credit card numbers and personally identifiable information (PII). And hackers got a hold of it.
This guide explores the nature of the threat, primarily by reviewing the story of the point-of-sale malware breaches of the past year, and examines the damage done, but also proposed strategies that retailers and security pros can take to prevent the next POS malware disaster.
1The nature of the POS malware beast today
As 2014 ended and 2015 began, experts began assessing the nature of the threat POS malware poses now, and noticed some interesting characteristics and recent changes. For instance, while the number of attacks may be dropping, they are just as deadly to retailers. The time lag between attack and detection (not to mention alerting the consumer) is a source of danger, too.
2Defending a POS system
POS systems are everywhere, and hackers are too -- and they are determined to get to the valuable data those systems contain. Is there no hope? It's a tough security issue but there are things professionals in the security field, and retail system managers, can do to make it tougher for the bad guys and, with luck, keep them out altogether. This section walks through how to create the most secure point-of-sale system and network possible.