Many merchants have legitimate business reasons to establish remote access connections to their point of sale, including allowing resellers and other vendors to manage and update software systems. If not configured and managed correctly, these connections can provide an easy entry point for unauthorized intruders to gain access to the point of sale system, and potentially to sensitive customer data. The following are highly recommended tips for enabling remote access and maintaining data security.
- Limit the number of people who can access the system remotely. Only allow and provide remote access to those who have a strong business need. This typically includes the point of sale system vendor/reseller for remote service and may also include owners, management and administrators of the merchant location.
- Use complex passwords and two-factor authentication for all access in the payment environment, including point of sale accounts and remote access. Properly store authentication/security tokens and change passwords every 90 days.
- Do not share remote access credentials. Ensure that each user with remote access has a unique username and password. In multi-location business environments, be sure to create unique credentials for each business location.
- Disable remote access user accounts when no longer needed.
- Install anti-virus, anti-spyware and firewalls, and keep them up to date. Regularly run and review results of scans for malicious software.
- Maintain up-to-date software, operating systems and web browsers at all times. Use the latest version of a remote management product or service.
- Avoid leaving remote access software on and “listening” for incoming connections. Select a remote access package that requires a user at the merchant site to start or log on to initiate a remote access session when possible.
- Reboot point of sale systems daily to clear volatile memory, and consider using a secure file wiping utility that can securely clear the contents of the page (swap) file.
Written by Mercury. www.mercurypay.com. 800-846-4472
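
The account-related tips above (unique credentials per user and per location, two-factor authentication, password changes every 90 days, disabling accounts that are no longer needed) can be checked against an inventory of remote access accounts. The Python script below is an added example, not part of Mercury's guidance; the CSV column names and the sample accounts are constructed for illustration.

```python
import csv
import io
from datetime import date

# Constructed sample inventory of remote-access accounts (not real data).
# Column names are assumptions made for this example.
SAMPLE_INVENTORY = """\
username,location,owner,mfa_enabled,password_changed,still_needed
reseller_support,store-01,POS reseller,yes,2024-05-20,yes
reseller_support,store-02,POS reseller,yes,2024-05-20,yes
owner_jlee,store-01,Owner,no,2024-03-15,yes
mgr_old,store-02,Former manager,yes,2023-11-15,no
admin_s2,store-02,Administrator,yes,2024-06-01,yes
"""

MAX_PASSWORD_AGE_DAYS = 90  # rotation interval from the checklist


def audit_accounts(inventory_csv, today):
    """Return sorted (username, location, finding) tuples for checklist violations."""
    rows = list(csv.DictReader(io.StringIO(inventory_csv)))
    # Map each username to the set of locations where it is used.
    locations = {}
    for row in rows:
        locations.setdefault(row["username"], set()).add(row["location"])

    findings = []
    for row in rows:
        user, loc = row["username"], row["location"]
        if len(locations[user]) > 1:
            findings.append((user, loc, "credential reused across locations"))
        if row["mfa_enabled"].strip().lower() != "yes":
            findings.append((user, loc, "two-factor authentication not enabled"))
        age = (today - date.fromisoformat(row["password_changed"])).days
        if age > MAX_PASSWORD_AGE_DAYS:
            findings.append((user, loc, f"password is {age} days old"))
        if row["still_needed"].strip().lower() != "yes":
            findings.append((user, loc, "account no longer needed, disable it"))
    return sorted(findings)


if __name__ == "__main__":
    for user, loc, finding in audit_accounts(SAMPLE_INVENTORY, date(2024, 7, 1)):
        print(f"{loc:9} {user:17} {finding}")
```

Run against an export from the remote access product or the point of sale user list; an empty result means every listed account meets the four account-related tips.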