Cyber Security For The Individually Owned Retail Business
Individually-owned retail businesses are faced with the need to use computers and the internet for a myriad of reasons. Even single-owner stores now use automated inventory systems, credit card readers, and computerized POS. This type of technology quickly pays for itself. Shop owners find that they have a much better idea of inventory flow, and they are able to track purchase patterns for individual customers. The reduction of man-hours and increased efficiency at checkout create happy owners and customers. The dark cloud over all of this, though, is the need for cybersecurity. Here are some of the most important features of cybersecurity for the individually owned retail business.
Large corporations often have their own servers. Sometimes, the servers are onsite. This is not a very affordable or advisable decision for small business owners, though. Your store probably has internet access through a local company. This company should provide a firewall that allows you to hide your Wi-Fi network. Anybody driving down the street can see a list of available networks, and hack in. A good firewall will keep this from happening. You can set up your access point to hide your SSID or Server Set Identifier. Your router should also be protected by a password.
The firewall, however, is not enough. It may protect you from some of the cyberthreats out there, but your individual computers should have antivirus and antispyware installed. These are usually free programs that are downloaded from the internet. Each of the free systems offers a paid subscription for more advanced safety, but the free service is usually enough if you scan your systems frequently.
In addition, the vendor who sold you your software should send you patches and/or updates periodically. Install these, and your systems will function better. You can tell your computer to automatically install all updates, and even set a time for this to occur so that it doesn’t happen during shop hours.
All of the firewalls and spyware in the world cannot protect your business and your customers from ignorant or malicious employees. It is your responsibility to make sure that you and your employees know how to protect the sensitive data that comes through your store. Employees should be accountable for breaches and carelessness that can release credit card and other private data.
Social media is also a threat to the business owner. You and your employees may have active social media accounts. In fact, your store needs one in order to boost business and collect consumer data. But, it is easy to let sensitive information about your business leak onto social media. Competitors may learn about some of your store’s internal working. Simply stating that an anticipated shipment did not arrive can cue your competition in an ad campaign to lure in your customers.
Most of all put a policy in place with clear-cut consequences for violating your cybersecurity policies. Then, enforce those policies.
This simply means that your employees must have strong passwords. Your vendors should be able to advise you on implementing multifactor authentication. This keeps employees or other people from stealing each other’s passwords. It’s important for handling private information. For example, have each employee log onto the cash register individually. Change their password periodically.
Credit and Debit Cards
Never search the internet using the same computer used to process customer payments. A breach of this kind may even make your insurance void if your systems get hacked. The POS should be on an entirely different CPU than the rest of your computer access. Make sure your employees know this and hold them accountable.
Your bank and/or card processing company will have security requirements within their contract. They will use anti-fraud devices, but you must not circumvent them.
Be ready to convert to EMV. This is the system used to read chip cards. Credit cards are moving away from the magnetic strip.
Make sure that your iPhone, android, tablet, and other mobile devices are password protected. Criminals can steal data from your phone when you are not even in the store if you are using public networks.
Some internet providers provide backup for your data. But, it may not be frequent enough for your business. Backups should be stored offsite. Many people are now storing their backup data on the cloud. Data that should be backed up includes:
- Financial files
- Word documents
- HR files
- Accounts receivable
- Accounts payable