Retailers are handling increasing amounts of customer data as they bolster online operations. Lewis Johnstone, products and solutions specialist at Brother UK, outlines how firms can keep this data secure by shutting an overlooked back door into networks through insufficient print security.
A famous saying in cyber security goes: ‘there are two types of companies: those who’ve been hacked, and those who don’t know it yet.’
While unnerving, it’s a nod to the growing threat we face from cyber criminals as businesses reshape their online models to focus on e-commerce. And for the many retailers that had to adapt quickly over the past 12 months by moving operations online, it’s a saying that’s well worth keeping in mind.
Mitigating the threat of hackers out to steal sensitive information is essential to an effective and trustworthy online retail operation.
The dramatic increases in online orders means that records of names, addresses and some bank details are filling up retailers’ e-commerce platforms and CRM systems – information that’s all grist to the mill of a hacker.
The risk here lies with outdated tech and unsecure processes, which act as a back door for hackers to infiltrate networks and access sensitive information.
Print infrastructure and document management processes are a particular area often overlooked by retailers when it comes to assessing security, leaving an open window to hackers.
Need for clarity
According to research from market research consultancy Savanta, more than half of retail workers (51%) feel that their organisation hasn’t sufficiently invested in printer hardware security. This is due to a lack of clarity around how to secure print infrastructure. The research found that 54% of retailers surveyed in Western Europe said that it’s not clear who is responsible for print security, and even then, only 57% have a good understanding of what relevant security standards are.
Developing a stronger understanding of security essentials will lead to a set-up that’s more resilient to intruders. Key to this will be keeping in mind three core objectives: confidentiality as a priority, security hygiene and up-to-date software.
Confidentiality as a priority
The security of data held online has always been a hot topic, and the extent of the latest GDPR laws reflect the growing concern. Following the stringent laws and regulations is vital to keeping customers’ information safe, avoiding punishment and ensuring reputation remains intact. This will include making sure that printers are as protected as the computers they’re linked to, and this involves introducing PIN and ID Card-protected printing. An employee authentication process like this will mean print-outs are only shared with the intended recipient. Making customer confidentiality a business priority will go a long way to achieving the trust of the consumer, as well as avoiding the severe fines and damage to reputation.
Hackers are always on the look-out for new ‘back doors’ that are left open. Systems need to be constantly updated so that businesses can block the route in before the hacker has chance to find it. Firmware updates help devices to be as robust as possible in the face of evolving and increasingly sophisticated security threats, and neglecting these can make retailers an easy target. Unprotected devices can be located by hackers via Internet of Things search engines, such as Censys or Shodan, presenting the simplest of entry routes for hackers.
For older printers, many administrator log-ins can now be easily found online, meaning hackers are only a few mouse clicks away from stealing sensitive information. Maintaining good security hygiene – keeping systems regularly up-to-date and avoiding the use of factory set default usernames and passwords – will always prove key to successful cyber threat prevention.
By being one step ahead of any potential breaches and retaining the integrity of the system, retailers are safeguarding their vital reputation. Despite the tightening of GDPR laws, consumers are still very concerned about how their data is protected. And as recent appearances in the headlines for a number of major multinationals have shown, there is a significant amount at stake.
As well as covering off the simple steps of introducing secure authentications and keeping devices updated, there are numerous tools which will help businesses stave off cyber-attacks. Checking for printers that are secure by design and feature automatic intrusion detection software and end-to-end encryption is a good way to ensure that your investment is up to scratch from the off.
Expert print partners offer a range of ways to help retailers outsource some security headaches, like the latest firmware updates and password management, helping to ensure that they’re protected. Solutions such as managed print services (MPS) mean that businesses are able to have access to 24/7 support, with experts who are able to remotely diagnose and fix most issues that arise, and maintain peak performance. MPS also involves a full assessment of a business’ infrastructure – a health-check of your firm’s IT security that could potentially prevent a business-ending breach.
The ongoing shift to online retail will continue to cause headaches for many. But by recognising the pitfalls, working to improve print infrastructure and partnering with experts who can keep a business’ operations up-to-date, retailers are able to have a little more peace of mind.