Protecting Your POS Systems

In last month’s newsletter, we talked about protecting your data.  In this past month, many of us lived through Hurricane Irene and then Tropical Storm Lee and many of us were greatly impacted by the devastation.  While the recovery has begun, it will take quite some time for many people and business to get back to some sort of normalcy.  In this article, we will revisit the simple yet important things that retailers could do to protect their POS system and minimize the time to recover in the event of devastation.

UPS

UPS (Uninterruptible Power Supply), especially the battery backup side of the UPS, is critical to keeping your POS system running smoothly.  During the storm season, the chance of power interruption increases in the form of blackout or brownout.  Blackout is easier to detect but brownout may not be easily felt.  Power fluctuation can also cause a power surge.  Any one of these power outage scenarios could damage your POS system or any electronic devices that are not protected by a surge protector or UPS.  If any of your POS system devices are not plugged into an UPS, you should consider purchasing one.  If you have UPS’s and do not remember when they was installed or replaced, you should replace them.  You don’t want to replace your car battery after it dies and you don’t want to wait until any part of your POS system sustains damage before you install or replace your UPS.

Backup

Your POS system is equipped with backup devices and media.  There may by automatic file backups but there is always a removable backup device and media in the form of external hard drive, DVD-RW drive and discs.  This should be your daily or weekly routine to make sure your system is backed up to the removable media.  This will allow for the quickest way to restore your system after a hard drive replacement.  Make sure making removable backup is part of your operational routine, just like counting cashiers and running reports.

Venting/Cooling

Take a moment to inspect the surroundings of your POS equipment.  All electronic equipment will have vents for cooling.  Take a look to make sure your POS equipment has room for cooling.  Look at the vents and make sure the vents clear of dusts and are not blocked.  Although your IBM POS systems are designed to withstand the toughest condition in the retail environment, it is still a good practice to help your system running at peak performance.

In the event of an imminent storm approaching, the logical thing to do is to move your mission critical equipment out of harm’s way.  If flooding is possible and moving all the equipment out of the store is not workable, one of the things you could do is to move the equipment to the top of the conveyer belt.  However, if flooded, cables, especially network cables, should be replaced.  Remember, the three most important things to do to ensure the least amount of down time is backup, backup and backup.

PCI Update

Recently updated guidelines found on the PCI DSS website.

PCI DSS Wireless Guidelines

There is now information pertaining to Bluetooth devices and rogue wireless access points as well as some recommended methods for testing and detecting rogue wireless access points per the PCI DSS 2.0 requirements in part 11.1.
https://www.pcisecuritystandards.org/pdfs/PCI_DSS_Wireless_Guideline_with_WiFi_and_Bluetooth_082211.pdf

PCI DSS Tokenization Guidelines

The guide contains the following key principles related to the use of tokenization and its relationship to PCI DSS:

1.     Tokenization solutions do not eliminate the need to maintain and validate PCI DSS compliance, but they may simplify a merchant’s validation efforts by reducing the number of system components for which PCI DSS requirements apply.

2.     Verifying the effectiveness of a tokenization implementation is necessary and includes confirming that PAN is not retrievable from any system component removed from the scope of PCI DSS.

3.     Tokenization systems and processes must be protected with strong security controls and monitoring to ensure the continued effectiveness of those controls.

4.     Tokenization solutions can vary greatly across different implementations, including differences in deployment models, tokenization and de-tokenization methods, technologies, and processes. Merchants considering the use of tokenization should perform a thorough evaluation and risk analysis to identify and document the unique characteristics of their particular implementation, including all interactions with payment card data and the particular tokenization systems and processes.

https://www.pcisecuritystandards.org/documents/Tokenization_Guidelines_Info_Supplement.pdf

The Datalogic Falcon™ X3

Datalogic Mobile announces the new Falcon™ X3 with Power³ Technology

Power³ technology gives the new Falcon™ X3 from Datalogic Mobile the power and features to tackle applications required by today’s high speed supply chains.

The new Falcon™ X3 provides real time data capture and communication, assuring accurate inventories and maximizing productivity. Available with either laser scanner or 2D imager, the Falcon™ X3 can be configured to match the needs of any department. Both laser and imager come with Datalogic patented Green Spot good read feedback assuring accuracy. Packaged with Windows CE or Windows Mobile 6.5, the Falcon™ X3 integrates seamlessly with WMS and ERP management systems. Plus, the Falcon™ X3’s Summit Wi-Fi 802.11 a/b/g radio provides maximized coverage, thanks to a unique diversity antenna system.

Attention to ergonomics is seen throughout the Falcon™ X3. The pistol grip version offers an arched handle and ergonomic trigger, making high frequency scanning operations comfortable throughout the day. The numeric and alphanumeric keyboards are set up placing high use keys at the operator’s fingertips, with a universal numeric phone key layout. The crisp QVGA display and backlit keyboard make it easy to work in dark indoor or extremely bright outdoor environments. The Falcon™ X3 is built rugged, resisting numerous drops from 6 feet, while IP64 level sealing protects the unit from dust and liquids.

Datalogic Mobile’s software and service tools complete the new Falcon™ X3 with preloaded and pre-licensed Wavelink® Avalanche™ and Terminal Emulation. This makes the mobile computer ready to go out of the box for rapid deployment and centralized management. Other software tools included are the Datalogic Desktop, Configuration, and Firmware Utilities to customize and update device configuration.

Data Protection

As the technology evolves, additional aspects of our daily lives intertwine with electronic devices. Most people use some form of electronic devices daily and interact with them for just about everything they do. These electronic interactions leave a “footprint” of the person using or interacting with and through these devices. That is why the recent emphasis of businesses to protect personally identifiable information of the consumers. These electronic footprints also represent data that could be analyzed to produce valuable information for just about any purpose. Therefore data protection is vital in this increasing electronic world.


So what do you, as a business owner, need to know about data protection? The basic step is to make a backup of your electronic data. The first question for data backups is what to backup and how often? With the advance of data storage devices, it may seem that we can back up anything and everything. That may be true for home and small businesses. However, as your system collects more data and your businesses increases, it may not be the best way to simply backup everything. A few things you should consider. How do you control the ever increasing data that is being backed up? You might want to take into consideration what information is valuable for your reports and analytics. Take some time to come up with a parameter and build your data backup and protection strategy. Another thing to consider is how to contain the increasing need for data storage. The simplest way is to increase the size and the number of storage device. If you do so at the time when your existing storage space is near capacity, you may not have the time to plan for the best strategy. Take time to plan your data storage need for the next few years and re-evaluate the need periodically. This could provide you with a more efficient system that allows for modular growth.

As your data grows, the managing of the process and data analytics could become more time consuming. When possible, consider automation for every process with a way to audit these processes to ensure completion. You also need to consider is the method for system recovery incase failure. It is a good investment for you to test and verify your data recovery process periodically. This will not only validate your recovery process but also the backup process to ensure that when a real system failure occurs, you already have a proven solution for a quick and hassle free recovery.

As data volumes continue to climb, you need to periodically re-evaluate your strategies for providing data protection throughout their organization. New technologies can deliver higher levels of data protection while saving significant administration time and opportunity for human error. You should not set it and forget it especially if everything is automated. You still need to verify and evaluate your processes to ensure that when you need the information or restoration that your procedure and data are sound and valid.

Incentives to Help Grow Your Business

An incentive encourages a specific course of action by the employees. Use incentives as an effective management and leadership tool. Because of the current economy, you might think that this is a strategy that will break the bank. Sure, money can be involved if you want raises and bonuses as classic incentives. But there are still plenty of ways to incentivize your workers with little or no money involved. Here are some suggestions:


Introduce special holidays. Offer an interesting break from the regular workday if your employees can meet some sort of goal. Casual Friday is cliched and "Hawaiian Shirt Day" is boring. How about "Bring Your Pet to Work Day," "Casino or Bowling Night," "Chili Cook off Day," or something entirely new?

Throw parties. When your team meets a goal, make the last hour or two of the day about hanging out and socializing. Make it into a potluck where everybody brings one food item. This is a great idea to reward your employees without spending a lot of money. If you're willing to spend a small amount of money, pizza is pretty failsafe.

Be receptive. After you've established yourself as someone who uses incentives, watch as your employees come to you to propose their own ideas. If it's a reasonable proposition, take them up on it.

Offer corporate memberships. See what local businesses in the area might be willing to partner with you and give your employees a discount on goods and services. Consider everything from lawn care to sandwich shops. You don't need to chase huge discounts; even a scant 10 percent or 15 percent savings at the register can brighten your employees' day.

Incentives have already been a part of your life whether you realize it or not. Parents give children toys to reward good behavior. Teachers tell students that if they're well-behaved, they can leave class early. An incentive in itself is when you go out of your way to reward excellence in the workplace. Employees will work hard to grab some of that recognition and attention for a job well done. A company that can be productive while having a soundly casual or enjoyable office culture is surely one that's got a lot figured out. Incentives are a great way to figure out what kinds of positive change you can introduce to your workplace.