A cash register was part of the Internet of Things
long before there was an Internet of Things.
A cash register, or Point Of Sale (POS) system, is a device that contains an operating system and network connectivity. It performs a very specific task, sending data back to a central server. Put that way, it sounds very much like part of the Internet of Things (IoT).
The big difference between POS and “IoT” is that devices in the “new” Internet of Things tend to run some flavor of Linux, while many cash registers run some version of the Windows operating system. As such, these cash registers are susceptible to the millions of pieces of malware written for Windows.
The solution to this security issue over the years has been to put some sort of anti-virus technology on the cash register.
In light of all the recent POS data breaches, we have to wonder, is anti-virus enough? The simple answer is no. Even if we were just concerned about common malware, the answer is still no.
[Tweet This] Protecting against even common malware today requires more than anti-virus.
Symantec has sold technologies beyond anti-virus to protect Windows systems since 2003. Over the years we have added major technologies to our desktop product to provide additional layers of protection. We no longer sell “anti-virus” alone. We sell Symantec Endpoint Protection, which includes IPS (network threat protection), Insight (unique reputation-based technology) and SONAR (behavior-based blocking). To safeguard systems from advanced attacks you need to be running all of these layers of protection included in our endpoint protection solution.
Attackers have targeted POS systems for some time, and the pace has increased. It’s no surprise that these devices are prime targets for attack. They hold valuable credit card information at an extremely vulnerable time – before data has been encrypted and transferred to a more secure location.
Even if you have more than antivirus on these devices, it’s still not enough. What is the point of locking your door if you leave the windows wide open?
[Tweet This] You need layered security on your POS device and throughout your network.
A properly configured endpoint protection product can block even the most determined attacker, and this is especially true when it comes to a POS system. POS systems actually have a security advantage over a PC as a single function device. Because no one on that device is web browsing, emailing or opening shared drives, the functionally of the machine and the files needed on that machine are limited.
Symantec Endpoint Protection 12.1 includes System Lockdown, Application Control, Device Control and Firewall capabilities. These tools allow you to reduce the attack surface by limiting the specific applications running on the machine, as well as control which devices and applications are allowed to access the network. Limiting applications and network accessibility on the machines can render malware useless because it won't be allowed to run on the machines or the network.
In short, to implement the best protection for your Windows-based POS systems, you need to need to have layered security as part of your IT architecture. You need to have a security solution like Symantec Endpoint Protection on your device with specific features to maximize security.
If you already have Symantec Endpoint Protection, we’ve put together a step-by-step guide to help you maximize protection on a POS. You can find the guide here. If you use POS systems and you want to make sure you’ve done everything you can to make them secure, this is a document I can’t recommend highly enough.
For more information about how to protect your business, see:
Upgrading to SEP 12
How To Secure your Mobile POS Devices
Symantec Endpoint Security Blog
How Symantec Endpoint Protection 12 protects against malware threats using Insight and SONAR technology
Beyond anti-virus with network threat protection