Many merchants have legitimate business reasons to establish remote access connections to their point of sale, including allowing resellers and other vendors to manage and update their software. However, if not configured and managed correctly they can provide an easy entry point for unauthorized intruders to gain access to the system, and potentially to sensitive customer data. The following are highly recommended tips for enabling remote access while maintaining data security:
- Limit the number of people that can access your system remotely. Only provide remote access to ones that truly require it; such as Paladin Point of Sale, Mercury and IT providers.
- Use complex passwords (as much as we all hate remembering them) for all access in the payment environment, including Paladin accounts and remote access. And plan to change your passwords every 90 days.
- Install and keep anti-virus and anti-spyware up to date. Regularly run scans and review results for malicious software. Paladin offers a managed anti-virus to keep you safe and automatically run regularly scheduled scans. Contact us for more information on these services.
- Maintain up to date software, operating systems and web browsers at all times.
- Restart point of sale daily to clear allocated memory (note: this is restarting Paladin, rather than the computer itself).
By Mercury Payment Systems, LLC