Content Type
Filter By Country
Contact Us
If you are a Hughesnet customer looking for support, please visit my.hughesnet.com

Are These Devices Missing from Your Retail Cybersecurity Strategy?

Tim Tang, Director, Enterprise Solutions
Share
Cybersecurity,
Managed Services,
Technology
false
customer using tap to pay with phone

With so much growth in retail technology, it’s not surprising that some devices continue to slip under the radar. Unfortunately, just one unsecured endpoint could lead to a breach. The good news is that the right areas of focus and some targeted tools can help you secure those devices and keep your network safe.

Handhelds

Today’s retail environment is full of handheld devices. These useful tools connect to a variety of systems and data stores, plus they allow staff to streamline and accelerate many tedious tasks that have traditionally consumed a lot of time. Store associates can use handhelds to access backend systems and connect with other employees to coordinate activities and provide customer support. Most retailers have a mix of simple and complex handheld programs, and the uptick of handhelds in retail environments is creating new openings for bad actors.

Simpler implementations involve devices such as handheld scanners, which can be tightly controlled by corporate IT and easily wiped and reimaged if necessary. They’re also usually hardened and set up to protect against attacks, so their potential as a threat is low. More complex cases feature connected devices, including smartphones and tablets. These increasingly fall under bring your own device (BYOD) policies, where employees use their personal devices, and IT has little control over their use or security state.

There’s tremendous value in being able to communicate with employees and enabling them to engage with each other through their handheld devices, but these tools represent a significant cyber risk. Balancing their usability with security requires retailers to understand how to harden the backend store apps employees load onto their phones. An experienced managed services provider (MSP) can help you identify measures that will prevent the devices from becoming a target and allowing a bad actor to enter your network.

Internet of Things (IoT)

From robotics in the warehouse to automated product pricing displays, retailers are finding new and innovative ways to leverage IoT devices for increased speed, accuracy, and cost savings. While these tools deliver important capabilities, few are set up for cybersecurity. Most don’t have the capacity to support software, so retailers often can’t put an agent on the devices to enable them to protect themselves against cyberattacks. With the proliferation of IoT in retail, any networked appliance, including coffee makers, refrigerators, and TV monitors, becomes a potential point of compromise.

Solving the IoT security dilemma requires vigilance and diligence. Retailers need a way to spot new devices as they come onto the network (some can be added without IT involvement). They also need tools to control each endpoint’s network access credentials and deploy measures to defend against attacks. A robust cybersecurity strategy goes beyond a traditional firewall to include implementation of a network detection and response (NDR) solution, enabling a retailer to monitor network traffic in the store for indicators of compromise. This early warning tool provides a way to get out in front of potential intrusions and other vulnerabilities so an attacker can’t turn your IoT devices against you.

Store Manager Computers

POS terminals, along with computers dedicated to executing in-store activities, are usually at the center of a retail cybersecurity program. What’s frequently overlooked are the store manager PCs, which exist outside of the cardholder data environment. The reality is that these computers may be among the most vulnerable endpoints on your network, and they’re ripe for exploitation by cyber criminals. In fact, recent data shows that credentials were the most-compromised data in retail breaches at 38%, beating out payment cards, which dropped from 37% in 2023 to 25% in 2024. Given the extensive access most store manager PCs have via the network, a criminal might use the computer as a point of attack to see what else on the network they can access—user credentials, employee data, customer data, even corporate records.

Backoffice PCs are frequently used for non-company activities, such as when employees check their personal email or play video games during work breaks. But they may also be used as central stations for store employees to clock in and out, and for managers to coordinate employee schedules and other management responsibilities. More attention should be paid to store manager PCs because they are vital to not only the overall organization, but also to the operation of the store. If compromised with ransomware, for example, they could effectively hinder the ability to open and operate the store. Upping your cybersecurity posture to include a managed detection and response (MDR) solution helps safeguard the store manager computer against ransomware and other methods of attack. IT can be alerted to a suspected compromise quickly and take appropriate action to protect other connected assets. In addition, your MSP can also be notified, allowing your internal team to focus on core business activities while your service organization partner handles cybersecurity.

Ensuring comprehensive cybersecurity can be a complex undertaking. Developing a partnership with an MSP experienced in retail environments can help ensure your strategy includes protection for the devices your business counts on to optimize operations and delight your customers.

Explore how Hughes Managed Cybersecurity can safeguard your business.
 

Popular Insights

Provide your email below to receive a monthly round-up of what’s happening in the world of connectivity!