McAfee Report Examines Challenges Retailers Face to Secure In Store Payment Systems

Study by McAfee and IHL Group Finds PCI Compliance and Security Vulnerabilities are top Concerns for POS Systems

Tuesday, August 27, 2013 5:00 am PDT

Dateline:

SANTA CLARA, Calif.

Public Company Information:

NASDAQ:
INTC
US4581401001
"Customers want to be able to buy, fulfill and return anywhere. When done right, the introduction of mobile devices within the store can help enhance the customer experience but comes with expanded risks."

McAfee announced today that it has sponsored a report with IHL Group, a global research and advisory firm specializing in technologies for the retail and hospitality industries, to assess retailer security and the approaches used to safeguard retailer transactional systems. According to the report, without adequate controls to manage store systems and the increase in number and variety of devices – retailers can expect security costs to continue to increase rapidly. Earlier this year, McAfee and IHL Group conducted an anonymous survey of senior retail and hospitality executives to discuss their strategies to meet PCI compliance and security for their retail systems.

Following are some key findings from the survey:

  • While IT is constantly evolving, security must evolve, and often times much more rapidly than the devices they are tasked with protecting. The ability to tightly manage the enterprise is a big driver in managing security and controlling costs
  • Security confidence can be closely tied to the device variability within the store, increasing the number of devices is a key driver around introducing significant complication around the ability to secure the store environment
  • In the category of retailers that have more than $1 billion in revenue, there is an equal split amongst retailers using a whitelisting approach as compared to antivirus

“The retail storefront has gone through many changes over the last decade, but one thing that hasn’t changed is that customers are looking for a seamless and positive shopping experience,” said Greg Buzek, President at IHL Group. “Customers want to be able to buy, fulfill and return anywhere. When done right, the introduction of mobile devices within the store can help enhance the customer experience but comes with expanded risks.”

As a result of these changes in retail, two significant events have occurred: the increased sharing of information among more and more types of devices (with either LAN or wireless connections), and the need to be able to share information wirelessly within the store. Additionally, there’s the advancing sophistication of the criminal element looking to compromise retailer systems along with ever evolving PCI compliance requirements.

The study revealed that retailers have a good understanding about PCI compliance, but they struggle when the amount and variety of store systems increase to provide the proper security and compliance management. On average only 22 percent trust the manufacturer to provide security.

“The retail storefront has undergone significant changes to deliver convenience and speed to the customer,” said Tom Moore, vice president of worldwide embedded sales at McAfee. “Data breaches are not new to this industry, but the expanded footprint of systems like kiosks and digital signs to the mix is adding complexity to the environment. This research validates that the security concern is real and that retailers need to provide a secure experience for their customers. This is an opportunity for point of sale manufacturers to not only relieve the burden from retailers and solve the security challenge, but also enables manufacturers to provide a high valued product with built in security as a differentiator.”

According to the report, whitelisting is growing in awareness with 31 percent of the respondents including this in their security strategy for POS systems. With McAfee’s application whitelisting solutions, malware can be stopped from ever compromising and infecting a POS system or other device because only the approved application is authorized to run. Any unauthorized, executable application that is introduced to the system is blocked.

For additional report findings and to view a copy of the full report click here: http://www.mcafee.com/us/resources/reports/rp-preparing-paradigm-shift.pdf.

About IHL Group

IHL Group is a global research and advisory firm for technologies deployed in the retail and hospitality industries. With our core research and data services we are the world leader in tracking who uses what systems in retail technology, especially those systems used within the store. We are able to help retailers and restaurants evaluate those technologies that are working and those that are not before they spend the money on costly systems. With researchers around the world, we also provide market analysis and opportunity assessment for technology vendors. Retailers use our services for solution research, contract negotiations, and competitive intelligence. Vendors use our services for market opportunity and partnerships.

About McAfee

McAfee, a wholly owned subsidiary of Intel Corporation (NASDAQ:INTC), empowers businesses, the public sector, and home users to safely experience the benefits of the Internet. The company delivers proactive and proven security solutions and services for systems, networks, and mobile devices around the world. With its Security Connected strategy, innovative approach to hardware-enhanced security, and unique Global Threat Intelligence network, McAfee is relentlessly focused on keeping its customers safe. http://www.mcafee.com

Note: McAfee is a trademark or registered trademark of McAfee, Inc. in the United States and other countries. Other names and brands may be claimed as the property of others.

Multimedia Files:

Preview image
(Graphic: Business Wire)
Preview image

Contact:

McAfee
Erica Coleman, 408-346-5624
erica_coleman@mcafee.com
or
Zeno Group
Greg Wood, 650-801-7958
greg.wood@zenogroup.com