The increased shopping during the holiday season often leads to increased cyberattacks affecting both the organization and their consumers. Cybercriminals may target retailers during high-traffic periods, increasing the impact of their attack.
Keeper Security has outlined cybersecurity best practices for small businesses to help protect sensitive systems and valuable customer data during the biggest shopping week of the year. According to the guidelines retailers should:
Conduct employee training
Cybersecurity training should be part of onboarding, while phishing tests and supplemental training should be conducted regularly so employees can stay up-to-date on the latest threats.
Regularly update software
Ensure all systems and software, including Point of Sale (POS) terminals and e-commerce platforms, are up to date with security patches to protect against known vulnerabilities. Install antivirus software and update regularly.
Secure sensitive systems
Implement privileged access management to secure and manage access to privileged systems and accounts, such as payroll and IT. Implement the principle of least privilege to ensure employees only have access to the systems and accounts they need to do their jobs. Set up an intrusion detection and prevention system to monitor for suspicious activity and potential threats.
Protect customer data
Regularly back up and control access to data by appointing administrators and monitoring user permissions. Review existing data collection practices and policies. Only collect essential consumer data.
Implement an enterprise password manager
In addition to giving IT admins visibility into employee password practices and enabling them to enforce password security policies, such as the use of strong, unique passwords and MFA, an enterprise password manager helps prevent employees from entering their credentials on phishing sites.
Secure the WiFi network
Protect the network with a strong password that is at least 16 characters, featuring a randomized mix of letters, numbers and special characters. Use a Virtual Private Network (VPN) to allow remote workers to connect securely from outside the office.