How can retailers secure customer data?

Self-service checkouts, unmanned grocery stores and click and collect services are all prime examples of the innovative ways in which digital technologies are being used to enhance retail operations. However, the systems powering the new frictionless retail experience contain complex layers of customer data capture, making them an ideal target for cybercriminals. Whether they initiate a ransomware attack to extort money in return for restoring files or use cryptocurrencies to trade stolen data on the dark web, criminal gangs will stop at nothing for financial gain. 

The repercussions of a data breach can be vast. Not only do retailers face expensive fines and significant reputational damage but, they also risk losing customer trust. A KPMG study found that 33 per cent of consumers would take an extended break from shopping with a retailer in the event of a breach, while 19 per cent would stop shopping with them altogether. Even if data is recovered, repairing reputational damage and regaining customer trust could be costly.

To minimise risk, Axis Communications’ new Cybersecurity: a big threat to retail white paper recommends that retailers train all staff so they know the procedures for managing data and reporting breaches. They should also ensure that software and systems are fully covered by the latest security patches and firmware updates. In addition, IT and security managers should look at their entire system to identify any potential weaknesses so they can implement measures to prevent it from being compromised.

Modern physical technologies – such as network-enabled cameras, access control devices, audio systems and sensors – can be used safely to improve crime detection and deterrence. However, they must be implemented carefully. If they are left unsecured, they can act as a vulnerable backdoor through which potential attackers could gain access to the retailer’s network, intellectual property and customer records.

When choosing security solutions, it’s vital for retailers to find providers with the Surveillance Camera Commissioner’s Secure by Default accreditation or similar credentials. This proves that their technologies were built in accordance with cybersecurity principles from the ground up, ensuring they deliver maximum protection to the retailers’ business data.

In addition, retailers must evaluate the total cost of ownership to identify hidden aspects, such as the critical addition of ongoing maintenance and service agreements that would include software and firmware upgrades. This will help retailers to mitigate the threat of a cybersecurity breach and protect people, premises and assets for years to come. 

Graham Swallow is a business development manager for the retail sector at Axis Communications

This article was originally published in the Spring 2020 issue of The Record. Subscribe for FREE here to get the next issues delivered directly to your inbox.