Retail Industry Drivers and Challenges
Every encounter between a retailer and a customer offers an opportunity not only to strengthen brand but to boost loyalty by providing unique value through customer tailored products and services. To provide this differentiation, retailers must know their customer in-depth. However, the application and storage of this consumer information presents a growing potential exposure for the retailer.
The longstanding retailer concern of the protection of consumer credit card information is underscored by the recent indictment of hackers in " the theft and sale of more than 40 million credit and debit card numbers” from major U.S. retailers which is “believed to constitute the largest hacking and identity theft case ever prosecuted by the Department of Justice”.¹
Retailers may risk financial loss from the card network interchange bank fines, the card networks themselves and civil lawsuits. On top of that, as of November 2008, 44 US states had enacted security breach legislation laws², for which retailers must comply. Data breaches not only represent risk to consumers but also result in direct financial losses to retailers as well as potentially having a lasting impact on the retailers’ reputation and brand.
By minimizing these risks, retailers may better protect their corporate image, brand and consumer’s trust, ultimately ensuring a profitable business.
Industry Solutions
Lumension’s Security Management Solutions Secure Consumer and Financial Data at the Endpoint
Lumension’s security management software protects consumer information from insider threats and cyber criminals who target consumer credit card data by providing comprehensive vulnerability management, endpoint security, and data protection solutions enabling you to:
| Challenge |
Lumension Solution |
| Achieving PCI Compliance |
Lumension® Vulnerability Management helps businesses in meeting specific PCI DSS v1.2 requirements. In particular, Requirement 6: Develop and maintain secure systems and applications and Requirement 11: Regularly test security systems and processes, are areas addressed by Lumension Vulnerablility Management Solution.
Lumension® Data Protection Solution aids the implementation of strong access control measures. Specifically Data Protection may help achieve compliance with Requirement 7: Restrict access to cardholder data by business need-to-know
Data Protection also provides methods for securely encrypting data that may be of use in the “normal course of business” to help businesses achieve compliance with Requirement 3: Protect stored cardholder data. |
| Preventing data breaches |
By maintaining a patch management system such as Lumension® Vulnerability Management Solution organizations minimize their exposed attack surface and reduce risk in accordance with generally accepted security practices. |
| Minimizing the impact of data breaches |
If a breach occurs, encryption of the lost data may be critical to limiting the damage. Lumension® Data Protection Solution and technology partnerships ensure encryption of data stored on a multitude of media. |