Recently, Target, Neiman Marcus and Michaels all had sensitive customer information stolen. Over 100 million customers had their data fall into nefarious hands, and the worst may be yet to come: according to some experts, the issue of retailers being hacked could be a persistent one moving forward.
"Attackers no longer spam at will," says Steve Durbin, global vice president of Information Security Forum. "They are increasingly targeting—learning the habits and preferences of their potential targets to better tailor malware to the intended audience. There's little chance that this threat will diminish, and more targeted attacks will make it difficult to track, analyze and protect against them."
Several factors contribute to the proliferation of this issue. More and more customers are using credit or debit cards, which in turn offer a wealth of information to attackers. Retail employees are typically low-paid and often replaced, two qualities that lend credence to the suggestion that many could be complicit in the crimes. In addition, many point of sale devices are outdated or poorly maintained, leaving the valuable data they collect vulnerable to intrusion.
The solution has to attack the problem from both the retailer perspective and the customers. For the former, more secure processes and newer equipment can deter hackers and make it more difficult to compromise systems. On the customer's part, credit and debit cards can be made more resistant to being cloned. A special smart chip could prevent crooks from being able to get information with just a swipe.
Unfortunately, these processes won't help for transactions that don't require the customer to use the physical card, such as online purchases. For those, perhaps a two-tiered system would be more appropriate: in addition to their card information, customers would also have to enter a specialized PIN unique to them. While no one tactic can fully thwart attackers, perhaps the combination of a variety of security measures could make the entire process much safer.
Any effective strategy for dealing with the potential that your data could be compromised should include software engineer insurance. While you can't ever be certain that your information won't possibly be breached and fall into the wrong hands, having a proper policy can help mitigate the effects and prevent an intrusion from becoming a catastrophe.