It seems like every other month, we hear about a security breach at a large company. And when that large company is a mega-retailer, like Target, there’s huge trouble. Not just for the hundreds of thousands (or millions) of consumer records in the database, but a loss of consumer confidence.
What’s a poor retailer to do? Once a reputation gets damaged, it’s tough to win back confidence from customers who have dozens of other shopping options for spending their money.
With data breaches being such an obvious and real threat to the actual survival of a retailer, you’d figure security would be job #1, each and every day. But that’s not always the case. If it were, our Twitter feeds wouldn’t include mention of these constant breaches.
Part of the problem is that retailer networks have so many access points. It’s tough to cover every dislodged manhole. Another issue is companies can focus on compliance but not be as thorough with actual security – they are two completely different tasks, the former being the checking off of boxes, the latter being actual protection.
Once retailers wake up to what’s most important, they can better recognize the source of attacks:
– Teach your employees how to create safe passwords
– Develop a total security strategy for a just-in-case possibility. How will you control a breach? How will you measure the extent of an attack? How will you tell the world about what happened, why it happened, and how you’re going to take responsibility?
– Create a single sign-on (SSO) system
– Defend every entry and access point of the network
– Employ security measures to analyze data and to identify potentially damaging behavior
Security risks for retailers will never go away. In fact, they’ll probably only increase as technology becomes more and more sophisticated. But when IT departments take a comprehensive, proactive approach, the companies and their customer data will be a lot safer.