Presentation is loading. Please wait.

Presentation is loading. Please wait.

Information Security in Retail Complying with Standards While Increasing Revenue, Profits, and Efficiency February 2008.

Similar presentations


Presentation on theme: "Information Security in Retail Complying with Standards While Increasing Revenue, Profits, and Efficiency February 2008."— Presentation transcript:

1 Information Security in Retail Complying with Standards While Increasing Revenue, Profits, and Efficiency February 2008

2 Turning Necessities into Advantages  Networked technologies are enabling critical business initiatives  Lowered costs through reduced labor and tighter vendor integration  with Enhanced Rich Internet Applications = enhanced customer service  Increased revenue with e-commerce  As retailers rely more on their networks, network vulnerabilities become more critical  Regulations and industry standards are forcing some best practices in information security  A comprehensive, strategic view of network security helps retailers realize the full benefits of their networks

3 Technology Adoption Path Dial-up Credit Card Processing Electronic Registers Barcode Stock Management Barcode Scanning at Register Barcode Inventory and Replenishment UPC Warehouse/ DC Inventory Management Electronic Employee Register Access Sales Data Analysis Wireless POS Wireless Inventory and Stocking EDI Batch Sales Data Upload Logistics Visibility Broadband at Storefront Real-time Supply Chain Visibility at POS E-commerce Leased Line Network Internet-based Network Customer Database Customer Data Analysis BACK OFFICE STOREFRONT Lower Costs Increase Inventory Performance ERP RFID Kiosks Vendor-managed Inventory Business Drivers

4 Retailers Are Seizing The Opportunities 19% 33% 35% 52% 36% 25% *Retail Information Systems 5/07

5 More Company Value Depends On Networks Leveraging networks to increase customer satisfaction  Supply chain visibility at POS (product availability, ETA for deliveries, real-time order placement, etc.)  Maintenance of customer data (loyalty programs, mailing lists, purchase history and warranty information, service records, etc.)  Remote/mobile connectivity for direct sales at customer premises  Remote/mobile connectivity with outbound installation, support and service calls  More electronic self-service (online, kiosks, store-provided handheld or shopping cart device, loyalty program status checking)

6 More Company Value Depends On Networks Leveraging networks to cut operating costs  Vendor integration with corporate systems  Third-party (installers, service and support providers) access to data  Online tunnels to data in support of ecommerce initiatives  Fractional staff (call-centers, telecommuter) access to systems and records

7 More Company Value Depends On Networks Enabling cross-channel selling to increase revenue  Contact centers (phone)  Catalog/direct mail sales  Online  Affiliate sales Outsourcing cross-channel operations to cut operating costs  Call-centers for phone sales  Catalog sales processing and fulfillment  E-commerce website development, maintenance, and fulfillment

8 Now you need to secure that value…

9 Networks Bring Security Issues Dial-up Credit Card Processing Electronic Registers Barcode Stock Management Barcode Scanning at Register Barcode Inventory and Replenishment UPC Warehouse/ DC Inventory Management Electronic Employee Register Access Sales Data Analysis Wireless POS Wireless Inventory and Stocking EDI Batch Sales Data Upload Logistics Visibility Broadband at Storefront Real-time Supply Chain Visibility at POS E-commerce Leased Line Network Internet-based Network Customer Database Customer Data Analysis BACK OFFICE STOREFRONT Lower Costs Increase Inventory Performance ERP RFID Kiosks Vendor-managed Inventory Business Drivers

10 The Internet Increases Security Issues Dial-up Credit Card Processing Electronic Registers Barcode Stock Management Barcode Scanning at Register Barcode Inventory and Replenishment UPC Warehouse/ DC Inventory Management Electronic Employee Register Access Sales Data Analysis Wireless POS Wireless Inventory and Stocking EDI Batch Sales Data Upload Logistics Visibility Broadband at Storefront Real-time Supply Chain Visibility at POS E-commerce Leased Line Network Internet-based Network Customer Database Customer Data Analysis BACK OFFICE STOREFRONT Lower Costs Increase Inventory Performance ERP RFID Kiosks Vendor-managed Inventory

11 Network Threats are Business Threats  Supply chain visibility at POS (open systems to vendors)  System viruses or attacks can slow or stop transactions  Maintenance of customer data (open systems to employees)  Potential financial and legal jeopardy from lost or stolen data – or inappropriate content in the workplace  Remote connectivity (open systems to contractors/telecommuters)  Exposes customer records to theft  Electronic self-service (online, kiosks) (open systems to customers)  Creates vulnerabilities for hacking and phishing/pharming scams When you open up your systems to opportunities, you open them up to threats:

12 12 PCI-DSS Payment Card Industry Data Security Standards  PCI Standards Council  JCB and Visa International  American Express  Discover Financial Services  MasterCard Worldwide  The protection of cardholder data anywhere it resides within, or is transmitted by, a merchant’s system.  Enforced by credit card companies, not governments - yet  Non-compliance can result in fines, restrictions of credit card services and loss of consumer confidence

13 PCI?.. Yes!  Credit card companies don’t want to foot the bill for retailers’ data security breaches  They’ve pushed the liability down to the retailers  Compliance with PCI standards is voluntary, but even one mistake can be one too many!  The good news: PCI standards are just sound network practices

14 Real Security Is More Than PCI * Gartner, 2006 **U.S. Bureau of Labor  Compromised systems run slower or fail completely  What will 1 minute lost per customer cost in employee expenses and customer loyalty ?  Liability judgments come right off the bottom line  Data breaches cost $350 per lost customer record*; what would such a loss cost you?  Each additional connection to your network increases your exposure exponentially  Do you know how many users your vendors allow to access the system?  What % of your outsourced services are fulfilled by contract/fractional staff?  Catastrophic data loss can be fatal  93% of companies that experience “significant data loss” are out of business in 5 years**

15 Security Considerations in Retail Solutions  Global management: Can you see and control access to your network and databases down to the user level?  Network traffic “lanes”: Can you segment and control different kinds of network traffic based on security levels (i.e. transactions from outsourced call center vs. O&O storefronts)?  Activity controls: Can you permit or deny different types of network activity (i.e. accessing financial information)?  Content filtering: Can you accept or reject different file types and Internet content (i.e. music files and video downloads)?  Stored data protection: Can you secure and preserve customer and proprietary data across your organization so that it doesn’t get lost or corrupted?

16 Security Considerations in Retail Solutions  Wireless network access: Can you secure your premises equipment from being used/accessed from the street?  Inappropriate content in the workplace: Can you prevent the use of gambling or other online shopping sites from appearing in the workplace?  Digital Signage: Can you secure your premises equipment from being disrupted/misused?  VoIP: Can you protect telephone-based business on this Internet-based platform?

17 Basic Secure Network: Single Location Warehouse / DC POS Store Admin Wireless Inventory Mgt. CDP Storefront Network Mgt. Bank Firewall

18 Basic Secure Network: De-Centralized Multi-Storefront Warehouse / DC POS Store Admin Wireless Inventory Mgt. CDP H Q Storefronts Kiosk Outside Sales / Service Vendor VOIP Call Center Network Mgt. Firewall Secure Wireless Firewall SSL-VPN Bank Firewall CDP E-commerce Site

19 Basic Secure Network: Centralized Multi-Storefront Warehouse / DC POS Store Admin Wireless Inventory Mgt. CDP Storefronts Kiosk Outside Sales / Service Vendor VOIP Call Center Network Mgt. Secure Wireless Firewall H Q Bank Firewall CDP E-commerce Site

20 SonicWALL Reference Customers  Ace Hardware  Big Dog Holdings  Big Save Furniture  The Body Shop  Bubba Gump Shrimp Restaurants  Health Business Systems (Pharmacy)  Holiday Inn  IHop  Jenny Craig  Kemeny's Food and Wine  Panda Express  Patagonia  Rent-a-Center  Van Cleef & Arpels  The Walking Company  The Wet Seal Angela to update with Logo slide

21 Summary  Your key business initiatives probably have an information technology component  Network and information security is essential to protecting your business  Customer relations  Profitable operations  SonicWALL has proven solutions for every aspect of information security in retail environments


Download ppt "Information Security in Retail Complying with Standards While Increasing Revenue, Profits, and Efficiency February 2008."

Similar presentations


Ads by Google