updates Archives - Nisyst Cyber Security

Six ways to increase your EPoS system’s security

30,000 websites are hacked daily across the globe. And 64% of companies worldwide have experienced at least one cyber attack. Cyber criminals target a wide range of tech such as websites, mobile phones, and computers. Unsurprisingly, they’re also known to target EPoS systems.

If a hacker were to gain access to your EPoS, it would give them access to all the information they need to clone cards, harming your business reputation and putting your staff and customers at risk. It’s vital to keep it secure. Here are six ways to increase your EPoS system’s security.

Keep everything updated

This means ensuring your system is up to date and all you have all the most recent patches. It’s easy to think “I’ll do that later”, but “later” might be too late.

Since patch updates are announced publicly, the world knows the system has a vulnerability. To use a real example, the WannaCry attack that brought the NHS to its knees, costing just under £6 million, could have been prevented if they had installed the latest patch update.

Use end-to-end encryption

With encryption tools, even if a cyber criminal steals card information from your EPoS, they won’t be able to make sense of it. Encryption tools disguise credit card information the moment the EPoS system receives it. It’s then encrypted again when that information is sent to the software’s server.

Use two-factor authentication

99.9% of automated attacks are blocked when you use two-factor authentication. This adds another layer to your security, requiring a code sent to your email or phone. It’s much harder for cyber criminals to access this instant information.

But you shouldn’t rely on this alone. You should ensure all your passwords are complex and change them regularly. It’s recommended to change them every 60-90 days. But we like to err on the side of caution. Therefore, we recommend updating passwords every 30 days.

Never connect to Wi-Fi that isn’t your own

Connecting your EPoS to public Wi-Fi makes it so simple for a hacker to intercept. If possible, ensure your Wi-Fi is WPA3, as this is the most secure. If you’re able to take your EPoS out with you, say on an iPad to an external event, don’t feel you have to connect to anything. Find an option that can work offline as well as it does online.

Consult an expert

Regularly conducting checks of your EPoS is a great idea, but an expert always knows best. Look to seek advice from someone with a lot of experience with these system. They can regularly conduct vulnerability assessments on your EPoS to ensure it’s secure.

Regularly backup your data

The sad reality is you can never be completely protected from cyber criminals, so it’s important to have a back up plan. Backing up your data via the cloud ensures that if you do fall victim to an attack, you can get back up on your feet much quicker.

The importance of ensuring you increase your EPoS system’s security cannot be understated. For the sake of protecting your customers, staff, and business, a secure EPoS should be your top priority. On the 9th of September at the Charity Retail Association Conference, we’ll be launching CHARiot Web – a secure, cloud-based EPoS system that helps keep you as secure as possible.

Ready to protect your business? If you have any questions about CHARiot Web, or if you have any general security questions, get in touch with us on 01204 706 000.

September 9, 2021/by Alia Coster

News

Cloud-based vs traditional EPoS systems: which is more secure?

Choosing an EPoS system is a big decision for many businesses. There are many factors to consider, such as reporting features, payment methods, and ease of use. But what about security? Cyber attacks are rife and saw a sharp increase over the pandemic. And as an EPoS system stores a lot of sensitive data, it’s important to choose the most secure system to protect your customers, staff, and business.

You can broadly split EPoS systems into two types: traditional and cloud-based. Each has its own pros and cons in terms of security. So is either better than the other? We weighed up the pros and cons of each to help you choose the best EPoS system for your business.

Where your data is kept

One benefit of having a traditional EPoS system is that you know exactly where your data is. Many are comforted knowing it’s on site or even stored in a location where they can control the security. But while this can be considered a pro, it can be a con too. By having your data stored on-site, it could be less protected. There’s the possibility of accidentally damaging your system or even theft.

Since cloud-based systems are off-site, there’s an extra layer of physical security for your data. And it’s not a cost that falls to you; the server host pays for the building, security, and even the hardware. It saves you money in the long run. And with over 70% of executives suffering an accidental internal breach within the past five years, storing the system off-site could help prevent this. But this will come down to personal preference and how much you trust your EPoS provider to keep your data safe – and even if they back it up.

Updates

Cloud-based EPoS systems can be regularly updated via the cloud. This means your data can stay secure as these updates should tackle new bugs, errors, or cyber threats. And it can all be done over the cloud, meaning there’s no need for a technician to actually come out to your shop.

Traditional EPoS systems might be the opposite. The physical hardware might need regular maintenance and updates might not be as frequent. Check what frequency it’s updated at, if at all. The benefit of this though is it might be a popular system, so any new starters could be familiar with it.

When it comes to traditional vs cloud-based systems, there is no one right choice. Some of the decision will come down to your personal preference. But after this past year, you need every advantage you can get. Opting for cloud-based puts you in a better spot for the future. So don’t just consider what you need now, but what you will need in the future.

At Nisyst, we know how important it is to have an EPoS that’s tailored to your needs while being as secure as possible. For anyone in the charity sector, we’ll be at the Charity Retail Association Conference on the 9th and 10th of September, where we’ll be launching our cloud-based EPoS system CHARiot Web. Come by our stand to find out more or call us today on 01204 706 000.

August 19, 2021/by Alia Coster

Cyber Security

Five simple mistakes that can leave you vulnerable online

By now, we’re all well aware of how dangerous the online world can be. We know not to send our card details to some Nigerian prince who turns up in our spam folder. And we know we shouldn’t leave our password written on a post-it note stuck to our laptop screen. These are obvious ways to leave yourself vulnerable online.

But some of the biggest mistakes people make are simple ones that you might not realise are important as they are. You and your staff have to be constantly on the ball. Thankfully, these easy mistakes are also very easy to fix. Let’s look at five of the most common errors and how you can change for the better.

Putting off software updates

We get it – it’s annoying when you’re busy working and that little pop-up interrupts you just to tell you it’s time to update your software or OS. You might put it off, telling yourself you’ll get to it later, but later doesn’t come until it’s too late. These software updates are crucial as they often patch up holes in the security, keeping you from being vulnerable online. Not to mention the fact it should give you new features and fix bugs.

It might feel like a pain to constantly update your software – especially if different ones are updating at different times – but it’s essential. To make it easier for you, turn on auto-updates if possible. Or make a habit of checking for updates at the end of your working day and let it do it while you go about the rest of your day.

Posting everything on social media

Social media is a fun place to share updates, talk to friends, or simply tell people what you’re eating. But over sharing can be risky. By sharing too much about your personal life, hackers can piece together your details to figure out passwords.

There are two ways to fix this. First, ensure all your passwords are secure. Don’t make it just one word; combine letters, numbers, and symbols to make it harder to crack. Second, watch what you put online. Be careful about any “fun” Facebook posts that ask you to complete a quiz about yourself or post about your life story. These details are often used in people’s passwords, so you’re just giving away free information. It seems obvious right now, but when you’re bored and scrolling through Facebook, it looks innocent enough.

Using weak passwords that you never change

When it comes to passwords, many people use obvious choices. It might be their child’s name, an anniversary, a pet, or even just a simple “password123”.

Then they use that same password for months. It’s essential to create strong passwords that you change often. And you should never use the same password twice. If you find it impossible to remember every password, try using a password manager to keep them all in one secure place.

Using sites that aren’t SSL certified

Have you ever noticed the little padlock at the far left of the search bar? Or maybe a URL that started with “https://”? That “s” and padlock signifies the site is SSL certified. SSL certified means you’re at a much lower risk of having your information stolen, as it’s encrypted. If you plan on making a purchase from a site, ensure that it’s SSL certified as it’s much harder to hack.

Using free public Wi-Fi

Everyone does it so it must be safe right? Not quite. Public Wi-Fi isn’t entirely secure. Any hacker could easily intercept everything your device sends or receives. Not only that, but it isn’t uncommon for cyber criminals to impersonate Wi-Fi services, tricking you into connecting to them where they can then steal your information.

The best course of action is to simply ignore it. It’s easier and safer to use your own data. Even public Wi-Fi that’s password-protected is a risk as you still don’t know who’ll be lurking on the same network.

There are so many ways we can accidentally leave ourselves vulnerable online. Without realising, it’s all too easy to give your private information away. Being aware of dangers and learning how to stay safe will help us develop better online practices and reduce risk.

Nisyst Cyber Security has been at the forefront of the UK tech scene for 30 years. We can conduct a vulnerability assessment to identify any security loopholes. Ready to protect your business? Call us now on 01204 706 000.

June 24, 2021/by Alia Coster

Posts