Importance of Securing Point of Sale Systems essay

Download this essay in word format (.doc)

Note: Sample below may appear distorted but all corresponding word document files contain proper formatting

Excerpt from essay:

Intrusion Detection Systems: Retail-Based Cybercrime and the Importance of Security Point of Sales Endpoints Systems

Retail-based cybercrime and the importance of security Point of Sales Endpoints Systems

The recent technological advances have resulted in increased dependability of network-based technology for everyday usage. Points of sales systems have also evolved, and they are now linked to the company's network, which makes them vulnerable to attacks. The number of attacks leveled against POS endpoints has increased steadily in recent times [1]. This is because they are mostly stand-alone and they are used to capture credit card information. The attackers are mostly interested in customer information for fraud or identity theft purposes. In order for POS systems to verify customer information and process credit cards, they need network connection. The network connection provided is dependent on the store. Large stores connect their POS systems to the internal network in order to simplify administration and reduce costs. The internal network will have access to internet connection, but at a different level. Therefore, the POS will need to get authorization from the firewall and router before it can receive or send out any information.

With the continual capture and processing of sensitive information by POS systems, there is increased possibility of attack. Cyber criminals are attracted by the possibility of acquiring large information and making a kill out of the information. A majority of the POS systems will have some mechanism for preventing unauthorized access like passwords, but other elements are available that make it hard to keep the attackers at bay. Network systems are more vulnerable and once an attacker gains access to a network they would manage to access all the nodes connected on that network.

Motivation for solving the problem

Securing point of sale systems is vital to ensure that customers can make purchases securely. To encourage more customers to use their credit cards, retail outlets need to provide the customers with a guarantee that their systems are secure. The problem of cybercrime has gained popularity in the recent times. The attackers are making use of system vulnerabilities that manufacturers are unaware of, thus catching customer's off guard. Encouraging retail outlets to safeguard their POS systems would ensure that the retailers are able to guard and protect customer data and information at all times. Using intrusion detection systems, a retailer is able to know whenever an attempt is made to access their systems. Cyber security is vital to ensure that economies grow, and businesses flourish. Current business trends lean towards networked systems, and if there is a threat to some systems, the advances made will result in failure. Protecting and providing retailers with a means of securing their systems would ensure that they could securely conduct transactions online.

If this project were successful, it would improve on the security of point of sales endpoints. The POS endpoints would have a secure method of checking the network before submitting any information. This way if there were any intrusion the POS would not submit the data. There is also a possibility of attackers using memory-scraping malware. This malware is used to scrap data from the memory of POS endpoints. To protect against this malware, the project would use intrusion detection systems and antivirus software that can scan and remove malware. The project would encourage and train retailers on how to protect their systems and guard against any attack.

Approach

The proposed approach is implementing an intrusion detection system that has the capability to incorporate both statistical analysis and expert system analysis. Combining both methods will ensure that any intrusion is easily identifiable and the security officer is notified. Attackers might be able to overcome one of the methods, but to overcome both would be difficult. Having definitions for both, normal and proper behavior guarantees that the system is able to monitor and keep track of all activity. Audit trails, and system logs will be used to record user activities. The logs are only accessible by the system admin and security officer. This adds security as a user cannot modify the logs. Statistical analysis experience and knowledge is vital in order to interpret correctly the data collected. The research will use the SPSS statistical program. The researcher does have access to the tools and possess the requisite expertise.

The proposed timeline for the project is three months. This timeline will allow the researcher to analyze different retail outlets and capture data on how they secure their systems. The initial deliverable for the project is the analysis of the statistical analysis system followed by the expert system. Analyzing the statistical analysis system would allow the researcher to gain knowledge on how the different retail stores have defined their normal behaviors. Each store will have its own definitions based on what they perceive as normal usage behavior. Understanding the different behaviors will ensure that the researcher identifies the common behaviors and is able to propose other behaviors in their research. The expert system deals with proper behavior definition. Proper behavior is concerned with how a person will use the system. Having defined what is considered as proper behavior, the expert system has the capability to determine when a user goes against the set behaviors. The expert system will analyze the users at different usage levels, and if a user is found to be copying or trying to access data they are not authorized it would alert the system admin. Researching on different retail outlets will provide the researcher with information on how each store has defined its proper behavior, and measures they have put in place to counter any threats. This way the researcher can understand how users can use their access privileges to perform illegal activities.

Goal

Planned activity

Expected results

Timeline

Literature review

Conduct library search for materials related to topic.

Review the research and identify materials to use.

Identify gaps within the research conducted.

Identify areas that need further research as identified by the previous researchers.

Two weeks

Statistical system analysis

Visit the identified retail outlets and analyze their system.

Conduct interviews with the key personnel.

Interview some of the system users.

Data regarding the system being used.

How the system has been implemented.

Security areas covered by the system

User friendliness of the system

Three weeks

Expert system analysis

Conduct in-depth analysis of the system.

Interview the system developers

Identify threat areas mitigated by the system.

Identify any actual threat that the system has managed to prevent.

Three weeks

Review of results

Enter the data gathered into the statistical program.

Analyze the results.

Develop a hypothesis based on the information derived from the data

Sensible information after the data has been processed.

Based on the information, the researcher is able to identify patterns shared by the retailers.

Three weeks

Report writing

Develop the report and accompanying charts

Finalized report

One week

Competition

There are numerous competitors all focusing on the capabilities of intrusion detection systems for the retail outlets. There is a survey conducted by Peyman Kabiri and Ali A. Ghorbani [2] that analyses the current trends in regards to intrusion detection systems. The researchers have also analyzed the tools employed by other researcher sin this field. Research conducted by Steven R. Snapp [3] focuses on the extent of intrusion detection systems to the whole network. They have not focused primarily on retail outlets, but rather on the whole network topology. After an attack on Target's POS system, there was extensive research conducted by the company and independent researchers. The research was aimed at establishing how the attack occurred and identify the vulnerabilities. Visa Company also conducted its own independent research and established that the attack was conducted via a malware referred to as Dexter. The researchers provided recommendation to all retail outlets and encouraged them to do a system vulnerability test.

The researches and journal articles are based on intrusion detection systems for networked systems. They are related to the project as they provide a foundation, which could be built upon during the research. The researches and surveys will assist during the research to identify the areas that one should focus when conducting the actual research. Focusing on the areas that they had omitted would ensure that the research does progress the work initiated. The journal article that analyses the attack on Target's computers is a revelation as it is very recent and would provide information on how a current attack could occur. This will enable the research to identify the areas to focus upon.

Benefits of the project

Demonstrating the usage of intrusion detection systems on a real retail outlet would demonstrate the benefits of the system to other retailers. POS systems are been used in many retail outlets, and the continual usage makes them vulnerable [4]. Conducting research on methods for protecting the systems is vital in preventing cyber criminals. Focusing on recent trends employed by the attackers ensures that the research is current, and retailers could employ the recommendations. The research will demonstrate that having compliant hardware and software…[continue]

Cite This Essay:

"Importance Of Securing Point Of Sale Systems" (2014, May 22) Retrieved December 6, 2016, from http://www.paperdue.com/essay/importance-of-securing-point-sale-systems-189365

"Importance Of Securing Point Of Sale Systems" 22 May 2014. Web.6 December. 2016. <http://www.paperdue.com/essay/importance-of-securing-point-sale-systems-189365>

"Importance Of Securing Point Of Sale Systems", 22 May 2014, Accessed.6 December. 2016, http://www.paperdue.com/essay/importance-of-securing-point-sale-systems-189365

Other Documents Pertaining To This Topic

  • Sales Promotion Techniques Used in

    Since the 1970s, the global retail clothing industry has experienced intense international competition and major shifts in the pattern of consumer demand. These pressures have had far-reaching implications for the clothing industry in the areas of pricing, design, quality, manufacturing processes and employment (Rath, 2002). According to this author, "In the 1970s, traditional manufacturers, particularly High Street retailers with their own manufacturing capacity, found themselves unable to compete with low

  • Sales Management Motivating the Sales Force

    Sales Management: Motivating the Sales Force Motivating the sales force is often based on providing the sales force with rewards based on performance and this is an important motivational tool. At the same time, it must be recognized that for this to be effective, other needs must first be taken care of. To investigate this idea further, several motivational theories will be described with each applied to the sales force. This

  • Importance of the Alcan Case

    Alcan's continued revenue growth is the result of the combined success of increasing sales in four main business units, in addition to growth through acquisition. The cumulative effects of these two factors have served to create a profitable business and one where a highly decentralized organizational structure dominates (Chang, Wang, 2011). The catalyst of the organization becoming so decentralized is the continued revenue gains made across four businesses, each competing

  • Networking Practical Networking in the Modern Business

    Networking Practical Networking in the Modern Business Environment Networking architecture is vital in the organisation of any business firm in today's globalised world. RFID, Cloud Computing, Intranet Network Architecture and Digital Rights Management (DRM) are major fields of endeavour that require the resources of companies. Increasingly, all aspects of an organisation are linked via the Internet and various other technologies in ways of connectivity that we did not even imagine before. Radio Frequency

  • Information Systems and Its Effects on Business

    information systems and its effects on business processes. Moreover, I have explained the several business components and their effectiveness as information systems. In addition, I have provided information regarding the effects of information systems on various business careers. Information systems have brought revolutions and innovations in today's business' setups and also have developed a close relationship with globalization. The responsibility of these information systems in an organization is not to

  • Future Trends for Civil Aviation the Importance

    Future Trends for Civil Aviation The importance of a viable civil aviation sector to national security has been well documented, but the aviation industry continues to struggle with skyrocketing fuel prices and highly regulated operational environment. In this setting, it is not surprising that some civil aircraft engine manufacturers have fallen by the wayside while others have prospered by achieving a competitive advantage of some sort. To identify what strategies

  • Relationships and Distinctions Between the Information Systems

    relationships and distinctions between the information systems concepts of data warehousing and data mining, which combined with online analytical processing (OLAP) form the backbone of decision support capability in the database industry. Decision support applications impose different demands for OLAP database technology than the online transaction processing (OLTP) model that preceded it. Data mining with OLAP differs from OLTP queries in the use of multidimensional data models, different data


Read Full Essay
Copyright 2016 . All Rights Reserved