Analysis: Five Steps to Data Breach Prevention

11/20/2014

When was the last time you witnessed a shopper paying for a purchase with actual cash? In today’s retail market, the majority of shoppers use credit and debit cards for their purchases – the more progressive group has even started using mobile wallet options. Although the mobile payment adoption rate is increasing, industry experts realize that with convenience come growing security risks such as data breaches.



It’s been a tough year for the retail industry, especially for high-profile brands such as Home Depot, Target and Neiman Marcus. According to recent reports, Home Depot has officially announced that over 56 million credit cards were stolen – the data breach landscape is evolving and unfortunately, not slowing down any time soon. Retailers must find a way to keep customers’ financial data.



Adopting a data security strategy based upon the guidelines of the PCI Data Security Standard (DSS) is only a start to protecting customers from potential breaches. Here are five key initiatives retailers must undertake to effectively secure consumer financial data:



1. Know Exactly Where Your Business is Being Conducted

The majority of retailers have their customer data spread out across multiple locations, including at the company’s corporate offices, at specific retail store locations or even within the brand’s online portal. Because of this, it is critical for retailers to understand how and where customer data—especially payment information—is being accessed, handled, and most importantly, how it is being secured.



2. Recognize Data at Rest

Retailers are constantly storing information in multiple locations, usually for the customer’s convenience. However, data stored on portable devices such as laptops or archived on servers is often forgotten and—as a result—becomes a prime target for hackers. Retailers must encrypt all data at rest. By doing so, there is little to no concern should a device be stolen or lost.



3. Track Moving Data

Retail brands need to have a clear understanding of how their customers’ data is moving through their infrastructure. Technologies like sniffers and network traffic monitoring software enable retailers to track where customer data has been, where it’s headed and, most importantly, whether or not it was encrypted in flight. This allows retailers to adjust security measures in response to a potential threat.



4. Join Forces with a Security Expert

By partnering with a data security vendor, retailers can leave the managing of their security infrastructure up to the experts and focus on what’s really important to their brand—selling merchandise and keeping customers happy. A partner can monitor and implement the most appropriate security measures in response to both current and emerging threats.



5. Implement an Encryption Policy

Retailers need an encryption policy that is mandatory yet manageable. Role-based controls are also a critical component; this means that only specific individuals have the ability to control or access information. Routine and ongoing audits are also always recommended to ensure that a company’s data security and encryption policies are constantly being enforced.



It’s unfortunate that data breaches continue to happen and that they are compromising the personal information of millions of consumers. These recent breach incidents have created a heightened sense of awareness for the industry; IT decision makers and high-level executives are recognizing the need for better security policies and strategies. The best we as security professionals can do is continue to evolve and create innovative solutions to help better protect our customers’ data.



The five steps noted above are an important aspect of that continued evolution; they are also explained in further detail in our recently published eBook, “Five Observations of Retail Data Breaches: Why Include Encryption?” (available for download at winmagic.com).



Mark Hickman is COO of WinMagic