Computer viruses, worms and spyware have been around for years — even before the first use of the term ‘malware’ (malicious software) in 1990. Initially the uses of malware were vandalism or mischief. Nowadays almost all malware has been weaponised for theft.
In the next in our security series we provide some top tips to fight back against malware attacks.
1. Raise awareness
Raise awareness of the malware threat and what your staff can do to keep themselves and the organisation safe. Forewarned is forearmed.
2. Keep anti-virus/malware current
Screen e-mails and attachments. Make sure your software is set to ‘automatic update’ to get the most recent protection
3. Protect installations and configurations
Password-protect the configuration of software. One of the first things that hackers do when breaking into systems is to escalate their privileges to administrator level. No-one should be able to disable or alter configurations without authorisation.
4. Restrict web browsing
These restrictions will reduce the chance of staff visiting unsafe sites which could contain malware.
5. Prevent staff using unauthorised USB sticks
USB sticks and flash drives can easily store and transmit virus to company computer equipment.
6. Segment your network
Prohibit direct public access between the internet and your point-of-sale and payment system. Only permit what is necessary for sales and card processing.
7. Check firewall coverage
If you change anything on your network, ensure that all devices, including mobile and employee-owned devices, are still protected by the firewall.
8. Patch software regularly
And review your patching regime regularly, too.
9. Scan for network vulnerabilities
Have a supporting process in place to action any vulnerabilities reported.
10. Encrypt sensitive data
Do not store sensitive card data unless strictly necessary. Encrypt data in transit and at rest so there is less data to worry about.
This list is not exhaustive. The good news is that if your business is maintaining a robust level of security, you have a good chance of standing up to malware.
If you trade from physical stores, PXP Financial offer point to point encryption (P2PE) as a managed service to protect sensitive card data, either as a software application or full solution. Both have been tested by trained P2PE assessors retained by the payment card security standards council (PCI SSC) against the data security standard.
For a free 30-minute consultation on your payments requirements, please complete the form below or call 0844 209 4370.
The End-to-end payment platform
PXP Financial provides a single unified payments platform to accept payments online, on mobile and at the point of sale. Powered by inhouse global acquiring, 200+ alternative payment methods & financial services, PXP processes over EUR 16 billion annually through our unified gateway.
Whatever your business needs today or tomorrow, PXP Financials’ innovative payment platform will support your business growth with all the payment services you will ever need from one source, wherever your business takes you.