NCR Counterpoint Blog

Securing Your Network with a Layered Security Approach

Posted by Paul Bishop on Jun 1, 2015 10:27:00 AM

Security and PCI compliance are a concern for everyone doing business today. How can you secure your system while making it harder for unauthorized users to gain access to financial information and perpetrate identity theft? The most important way a network can be secured is using a layered security approach. We'll take you through several steps to help minimize your risk for a security threat. 

 

Firewalls: Firewalls are a first line of defense at the perimeter of your network. They do a great job at catching many threats, but no one firewall will catch 100% of spam, viruses, malware, ransomware (think Cryptlocker) or any other junkware that is out there.

Anti-virus Program: After a firewall, there should be antivirus software installed and updated on every machine that touches the firewall and the internet. It should go without saying, but outdated AV software is as much a threat as not having any.

White List: After installing a firewall and anti-virus program, make sure to whitelist both web sites and applications. Malware cannot infect machines if the code cannot run. White listing is much easier than blacklisting in a general way because you identify only the web sites and applications that are allowed to run, excluding everything else.

security layers

Passwords: Complex passwords are yet another line of defense. PCI standards dictate a 7 character password with 3 of the following 4 characteristics; capital letters, lower case letters, numbers and special characters. It’s fairly simple to make a complex password that’s still easy to remember.

Network Segmenting: Many merchants like to provide their customers with Wi-Fi access. When doing so, it is of the utmost importance to keep the Wi-Fi separated from the POS segment of the network.

Data Storage and Transmitting: How you transfer and store your customer's data can be vital in protecting their financial information. Using software that uses Point - to - Point Encryption and Tokenization can help reduce your risk of someone accessing important financial information. 

Using a layered security approach will help you filter out the threats that exist today. When implementing all of the above security layers for network security, the risk of intrusion and theft goes down significantly and peace of mind goes up inversely.

 

New Call-to-action  

Topics: Security