Iran Attacked by Another Virus: Flame

Iran has confirmed that they have been attacked by another virus, Flame, which collects information on high-ranking officials.

Remember Stuxnet? Unlike it, Flame is not destructive but is considered more dangerous for obvious reasons.

The virus is thought to have originated in Israel since the encryption patterns are similar to previous malware threats which were programmed in the country.

To read more on the virus and what the Iranians have to say about it CLICK HERE.

What is Your Retail Loss Prevention Strategy?

What is Your Loss Prevention Strategy?

By Scott Kreisberg, CEO One Step Retail Solutions

When it comes to security and protecting your assets, you need a good strategy. You will know how good that strategy is when you try to balance the cash register at the end of the day; when you do your physical count; when you are faced with a computer crash; or when too many of your customers start having identity theft on their cards. Do you want to wait until then to find out that your protection was inadequate?

The most effective method to achieve security has always been a layered approach. In other words, instead of just relying on a single solution, you set up a number of protective layers and thus greatly reduce the chances of being a victim.

Airports are an example of a layered approach: there are visual inspection of ID’s and tickets before you are allowed beyond a certain point, there are TSA agents observing via cameras, there are metal detection imaging devices that you must go through, and there are personnel at the ramp to the plane who check tickets and ID’s again.

We at One Step Retail take a similar approach to protecting you and your business from both external and internal threats. After all, we have been around helping retailers for 25 years and we hear about disasters from unprotected retailers. Consequently, we want to ensure you do not experience the same thing.

What would happen if all the information stored in your computer were suddenly lost? Or you had a hacker or virus or Trojan attack? Could you recreate this information? If so, how much time would it take? How much would it cost? What about dishonest employees? Most importantly, would your business survive?

In today’s economic climate, it is vital to protect your assets and one of the most important assets you have is your data. If you lost it, it could possibly close your store. That may be hard to believe, but look at these statistics from Comdisco Vulnerability Index Research Report:

  • 82% of companies are not prepared to handle a computer system disaster
  • 83% of corporate data recoveries from tape backup FAIL
  • Only 6% of companies that suffer from a catastrophic data loss survive

In our own backyard, we’ve seen it happen. Two different clients thought they were backing up and protected, but then their computers crashed and they discovered otherwise. After a year of manually inputting all the missing data, one retailer still occasionally scans an item that should be in the system but isn’t. Another client lost years of data and had to pay for expensive data recovery but not all of it was recoverable.

In the category of dishonest employees, one client after six months of periodic cycle counts being off, finally traced down the problem to an employee taking fictitious “returns” and giving refunds-to herself. Another client had an employee who, as their Systems Administrator, embezzled money from them for five years. Months of sales information in their computer records was missing and she said they had been lost. Where was the backup? This company went out of business two years later.

One Step has researched resources and partnered with experienced, honest vendors to bring you layers of security specific to your needs as a retailer.

With RetailSafe, you have a professional backup service that knows retail and their data backup needs, plus you as our client get a discount for their services.

With sonicWall you get not only an intelligent state-of-the art firewall protecting you from malware, you get PCI compliance integrated into the system protecting your business from another type of disaster. You can buy firewalls including sonicWall at Amazon but none of them will be PCI Compliant out of the box. You must be trained on how to properly configure the firewall in order to meet PCI compliancy. So, buying them from anywhere else would be an utter waste of money.

With Quadrox you have a Network Video Recording system that can, among other things, integrate with your POS. The POS is a primary location for employee theft or mistakes. For example, you could quickly access the time when an employee issued a return and refund (as noted on the POS) and see actually what happened on the video—no cycle counts for six months to discover the dishonest employee.

So, start getting these layers firmly in place. If you have some or all of them already, make sure:

  • they are working
  • you are verifying on a regular basis that they are working
  • they are adequate for your specific needs as a retailer
  • you understand them and can use all of their features
  • you not only can use their features, you are using them

Facebook Security

As the use of social media sites grow, so do the security concerns that go with it. Many of us of have a Facebook or Linked in account, but how secure are we? People tend to share information on social sites that they would not normally share with friends or acquaintances. Most of these sites are adding new features daily and some of the features give applications and search engines direct access to personal information.

The biggest mistake I see people make is entering their date of birth, including the year. This provides someone who is potentially looking to do identity theft a lot of useful information. Many people list their high school or mention pet names, both of which are common security questions for accounts.

Facebook has many security options that allow members to select who can have access to what kind of information or pictures. I would suggest that you visit this section under ‘Account Settings’ and customize it to your preference.

Below are some basic tip’s to help you stay safe and secure on the web.

  1. Remove your date or birth from your profiles.
  2. Use different passwords for your various online accounts.
  3. Don’t click on links or open attachments in suspicious emails.
  4. Make sure you have an up-to-date web browser equipped with an anti-phishing blacklist. Some examples are Internet Explorer 8.0 and Firefox 3.0.10.
  5. Make sure you’ve listed a security question and answer for your online accounts. This will come in handy if your account is compromised and need to prove who you are. You can do this on Facebook in the ‘Account Settings’ page.
  6. Remember that you choose what you share and with whom you share it.