During the holiday shopping season, the focus of many retailer decision-makers is on optimizing every potential sales opportunity. Businesses do not experience a more concentrated volume of customers looking to spend money than this and it can account for between 20 percent and 40 percent of annual sales according to the National Retail Federation. However, with such a narrow focus, it is possible for some critical aspects of the business to be overlooked, most noticeably security protocols.
This is an issue raised in a recent Search Security article that uses the Target system breach as a jumping off point. Security expert Ron Gula was interviewed in the piece and said that one of the main culprits is an annual “holiday IT lockdown.” This refers to business owners refusing to allow employees to make any changes to technology systems during the holidays. The reason for this is any mistake could knock out a critical system at the worse possible time.
The problem here is that this also means processes like POS software patches, configuration updates and firewall changes do not happen. This means important piece of security could be put on the backburner when they are needed the most.
John Kindervag, vice president and principal analyst at Cambridge, Massachusetts-based Forrester Research Inc., said that this problem is compounded because IT professionals who would oversee security software often take more vacation time during this period because of the reduction in responsibilities.
“In world where things are very dynamic, especially attacks, [a lockdown period] could very well open a retailer up to some degree of risk because they may not be as responsive as they otherwise might be,” Kindervag said.
A provider of retail point of sales systems that provides ongoing support can become a valuable asset during this time when system security is critical.