Close

HPE Aruba Networking Blogs

Shopping for network access security ideas

By Trent Fierro, Blog Contributor

Are retailers that different from other verticals?

Other than an intense holiday season and having to deal with credit card information, not really. As IT professionals in retail soon converge on NRF 2016, they'll find that they must still contend with the same user and infrastructure issues that all organizations deal with:

  • End-user behavior – visiting malware infected sites or downloading infected files
  • Weak passwords
  • Running legacy and unpatched technology
  • Poor network security
  • Dealing with guest and employee traffic that uses the same network

If fact, when it comes to breaches, retailers probably see less insider threats as most workers are in stores and have access to fewer internal resources than workers at an enterprise organization. But, malicious outsiders see the items mentioned above as opportunities, making retailers high-value targets.

To protect against poor end-user behavior and issues surrounding legacy systems, it's best to introduce automated workflows. By using policy management and standard operating system admin tools, users can be forced to change passwords more frequently, and health checks can be part of the normal authentication process for all desktops and laptops.

Onboarding tools for mobile devices can help eliminate the login ID and password issue in exchange for unique device certificates that are more secure and easier for the user. And, mobile device management (MDM) can be used to enforce assessments and pin codes on any smartphones and tablets.

Because guest networks usually lack authentication and encryption for the sake of simplicity, policy management and built-in Wi-Fi firewall services can ensure that guest devices are re-directed to the Internet, access to malicious websites are denied, and internal resources are guarded. In fact, web and IP address filtering for internal users should also be standard practice.

As for poor network security, it often takes multiple components working together to effectively protect a retail environment. Instead of a single, perimeter defense model, retail organizations must contend with users of all types, POS terminals, e-commerce websites, third-party vendor links, and increasingly, IoT devices like printers and security cameras.

In addition to policy management, NAC, MDM and intelligent network infrastructure, all of these components must also work with firewalls, SIEMs and analytics tools where context and usable data can be shared for real-time remediation and threat prevention. Today, an end-to-end security model and a holistic approach to security is the only way to minimize risks and adhere to changing compliance demands.