BIZTECH: Why is securing infrastructure communications such a concern?
PURIZACA: Well, the hackers are very sophisticated and they are targeting all industries. Part of the strategy is trying to stay on top of those advanced threats. Retailers should be asking themselves if they have the defenses in place if they are hit with a network attack. How long would it take to recover? Where are your weak spots?
This is particularly true for ransomware, where a hacker will basically encrypt all of your hard drives and folders. The hackers are targeting retail environments, especially in peak volume seasons like Christmas. Those are moments when retailers should stack up their defenses.
BIZTECH: What are some specific ways that retailers can strengthen infrastructure communications?
PURIZACA: Retailers should perform routine health checks on their solutions. It’s good tech hygiene. For example, if the customer has a firewall in place, and that has been configured for a couple of years now, it’s a smart call to go back in and check if the configurations need to be tuned up. It’s always good to perform those tests routinely to prevent against cybersecurity threats.
BIZTECH: What's the second core issue?
PURIZACA: The next thing is that retailers must ensure they’re keeping consumer data private, so they have to handle consumer data properly. For credit card information or any type of consumer information, they need to have the proper security and encryption levels in place to make sure that line of communication is secure. Any retailer who manages consumer traffic and consumer data should have these security guardrails in place.
BIZTECH: Can you give an example of these security guardrails?
Say we have a retail clothing company out there that does a lot of external communication with their partners or does direct to consumer business with orders online. When that communication reaches back to that retail headquarters, we have established guardrails: There’s a firewall in place that’s inspecting that traffic to determine that all the orders are valid. It’s ensuring that there is no malicious behavior going on within that processing flow. And that’s what the firewall is going to do. That’s the guardrail.