1. /
  2. Secure Your Point-of-Sale System
Secure Your Point-of-Sale System

Secure Your Point-of-Sale System
News headlines have been inundated with stories of credit card breaches. Don’t be the next victim.

Symantec provides the security expertise to protect your point-of-sale (PoS) environment from today's sophisticated attacks.

Millions of Identities Can Be Exposed in a Single Attack

The rising intensity and sophisticated nature of cyber attacks has created a hostile and precarious environment for businesses charged with protecting their customers' personal data. The retail industry again has the dubious distinction of being the industry liable for the largest number of identities exposed in 2014, accounting for almost 60 percent of all identities reported exposed, up from 30 percent in 2013. In 2013, 17.8 percent of data breaches contained financial information, but in 2014 this number jumped to 35.5 percent. In most cases, this financial information is credit or debit card details. Point-of-Sale systems: the credit card swipe machines that have become so ubiquitous in our retail lives are frequently under attack.
Anatomy of a Point-of-Sale Attack
Attacks against PoS systems in mature environments are typically multi-staged, including infiltration, network traversal, data capture, and exfiltration.
Symantec Solutions for the Point-of-Sale Network
To safeguard your endpoints and PoS devices, you need to secure them with a strong endpoint protection solution that offers multiple layers of protection.
Symantec Solutions for the Corporate Network
Securing your credit card and PoS environment from sophisticated multi-stage attacks requires multiple layers of protection.

Anatomy of a Point-of-Sale Attack

The complex nature of retail environments has led cybercriminals to create sophisticated attack methods to target valuable credit card data. Typically these attacks are multi-stage and include the following phases:
Infiltration – There are a variety of methods to gain access to a corporate network. Hackers can look for weaknesses in external facing systems or attack from within.
Network traversal – The malicious files that the cybercriminals have secreted within the network might stay in hiding, trying to gain access to other systems until they find a way to access the PoS environment.
Data capture – Once inside the PoS environment, the threat will install additional malware, which might secretly collect personal data every time the cards are swiped. The data will continue to accumulate in an internal staging server until the time comes for exfiltration.
Exfiltration – To facilitate exfiltration, the card data will move from a staging server to other systems within the corporate network that have legitimate external access. The threat manipulates these systems to transmit externally the card data to cybercriminals.

Symantec Solutions for the Point-of-Sale Network

Securing your credit card data and PoS environment from sophisticated multi-stage attacks requires multiple layers of protection. Starting at the endpoint, Symantec offers two solutions to help protect credit card data on PoS devices.
Safeguard your Point-of-Sale Network
Safeguard your Point-of-Sale Network
Symantec Embedded Security: Critical System Protection
Symantec Embedded Security: Critical System Protection provides a policy-based approach to endpoint security and compliance. Symantec Embedded Security: Critical System Protection has two enforcement components that can be independently activated on Point of Sale systems, prevention and detection.

The prevention component has proactive enforcement rules that can stop malicious activity before it occurs, the detection component monitors for system activity as it occurs and can trigger event based actions. Both components provide granular control over logging using policy settings to give visibility into actionable events as well as the efficient management of high volume events necessary for regulatory or forensic purposes. Thus, in combination, the two components provide unique capabilities to both secure a system and to address regulatory compliance requirements. This includes regulations such as PCI-DSS that requires companies to deploy file integrity monitoring for critical system and application files changes. Detecting that an important operating system binary like svchost.exe was recently modified is very different from preventing the modification in the first place. Symantec Embedded Security: Critical System Protection lets you configure and use both detection and prevention as needed to address your auditing, compliance, and security requirements.

Symantec Solutions for the Corporate Network

In addition to securing the your Point-of-Sale devices network, you also need to think about how to safeguard the broader PoS environment. Through a full spectrum of security solutions and services, Symantec can help defend your entire PoS environment against even the most persistent and sophisticated attacks.
Safeguard your Corporate Network
Safeguard your Corporate Network
  1. Host-based access controls can safeguard the servers that connect to your PoS devices.
  2. Set up a first line of defense at your gateways – especially email gateways – is key to stopping cybercriminals at what is often their first point of attack.
  3. Servers and PoS systems need robust authentication controls to prevent unauthorized access and block malware propagation within your environment.
  4. SSL certificates can secure your credit cardholder data by encrypting it while in transit.
  5. Finally, a data loss prevention solution can scan traffic leaving your network to ensure confidential data is not leaving your environment.
  6. Detecting known and emerging threats requires not only advanced technology, but also highly specialized security expertise. Symantec Managed Security Services reduces the time it takes to detect, prioritize and respond to security incidents by providing 365x24x7 monitoring of your POS network.

Key Resources

Security Response Special Report
Attacks on Point-of-Sales Systems

Contact Us