Retail IT organizations are not only tasked with supporting geographically dispersed computers and mobile devices, but also POS systems and kiosks, which are often unattended when they need to be fixed. Consequently, tools that allow IT to remotely access and fix both manned and unmanned systems are imperative in retail, but they’re also the industry’s biggest security weakness.
The 2012 Data Breach Investigations Report (DBIR) Industry Snapshot: Retail by the Verizon Business RISK Team states retailers are, “prime targets for financially-motivated criminal groups exploiting weak, guessable, or default credentials via third-party remote access services to POS systems.” Unfortunately, many retail organizations don’t realize they’re using these unsecure remote access methods, the number one attack pathway leveraged by hackers to gain access to sensitive systems and data.
Many retail data breach victims are independently owned and operated franchise stores of larger, parent retail chains who provide little IT and security oversight. These smaller retailers often lack the expertise or resources to manage their own computing infrastructure, and rely on third-party vendors for IT support. This requires that some sort of remote access and administrative service be enabled on their systems to allow the third-party to access and manage the systems. While many vendors claim they’ve taken the appropriate security measures, experience shows this is not the case, and is commonly the source of a data breach.
Bomgar’s appliance-based remote support solution allows you to remotely access and fix nearly any system or device, anywhere, while keeping sensitive data and system access behind your own secure firewall.
With our Embassy feature, Bomgar also allows you to provide secure, auditable, cross-platform remote access to vendors who need to regularly access your systems. You can create an Embassy for each and every vendor, and granularly control what each can or cannot access. Creating Embassy teams is a much more secure and manageable alternative to giving individual vendor representatives VPN access to your internal systems. Admins can monitor and report on all vendor activity through Bomgar, which captures video recordings of every remote support session showing every click and keystroke that occurred. By using Bomgar, you can track and monitor every action performed on any of your systems by both internal and external individuals.