Monday, February 27, 2012

Mobile Up – Retail Cowboy

The cell phone boom came with the increase of the general public’s knowledge as to their use and power.

By 2015 it is estimated that 10 – 15% of retailers will have made the transition to mobile POS, as well as whispers of several other groundbreaking advancements (made possible by mobile POS). It can be said that the “mobile POS age” is two pronged; with the advent of the in store POS and
the integration of social media into the buyer’s experience through their own mobile devices. 50% of Americans now have smart phones and the numbers are increasing daily.

It appears that the hottest subjects for a POS upgrade to mobile (in the boutique retail scene) are new shops, those opting for mobile POS as part of opening new locations or those incorporating a POS upgrade to mobile POS as part of a design overhaul. Big box and department stores are starting to phase into mobile POS to increase efficiency and customer service; check out
Nordstrom if you want to see mobile POS in action.

If you were to compare the transition of the landline phone age to what is now ultimately the smart phone age, you see that technology transitions take time to roll out and POS upgrades take a definite effort on the part of a retailer.

In addition to mobile POS, retail technology is developing fast. Many retailers will be surprised at the overall benefits and increased precision that can be brought about with these tools, especially since many retailers do not fully use their existing POS. Whether it comes down to a lack
of training, time or interest – retail technology needs to be seen as the vital retail tool it is. The proper system, properly used can vastly improve a retailer’s customer contact management, marketing, inventory control, personnel production management and help ensure success. Mobile POS is poised to greatly enhance the retail industry.

As a retailer looking at the possibility of an upgrade into any new retail solution, one should assess its functionality and ensure that you are willing to fully roll it out, vastly increasing its return on investment. Training, installation and support should all be a part of what you
look for when selecting a vendor for your POS.

The mobile POS boom will come as retailers become familiar with its use and power. Old habits die hard, but out-dated POS habit may be one of things you should “take out back and shoot”.

Thursday, February 23, 2012

Back from Mrket February 2012

Now that we are all back and settled from Mrket there were some definite recurring themes that have been abuzz in the office. One was the general reaction to mobile POS, hot, hot, HOT. This is definitely a movement and we are very proud to already have our products set up to accommodate mobile POS.

Secondly, FUR IS BIG. I don’t think fur has been quite this well represented in years. Between mobile POS and fur, this should shape up to be a fuzzy... fun year in retail.

While our feet may have been falling off by the end of this, it was a good event.

What is Your Loss Prevention Strategy?

By Scott Kreisberg, CEO One Step Retail Solutions

When it comes to security and protecting your assets, you need a good strategy. You will know how good that strategy is when you try to balance the cash register at the end of the day; when you do your physical count; when you are faced with a computer crash; or when too many of your customers start having identity theft on their cards. Do you want to wait until then to find out that your protection was inadequate?

The most effective method to achieve security has always been a layered approach. In other words, instead of just relying on a single solution, you set up a number of protective layers and thus greatly reduce the chances of being a victim.
Airports are an example of a layered approach: there are visual inspection of ID's and tickets before you are allowed beyond a certain point, there are TSA agents observing via cameras, there are metal detection imaging devices that you must go through, and there are personnel at the ramp to the plane who check tickets and ID's again.

We at One Step Retail take a similar approach to protecting you and your business from both external and internal threats. After all, we have been around helping retailers for 25 years and we hear about disasters from unprotected retailers. Consequently, we want to ensure you do not experience the same thing.
What would happen if all the information stored in your computer were suddenly lost? Or you had a hacker or virus or Trojan attack? Could you recreate this information? If so, how much time would it take? How much would it cost? What about dishonest employees? Most importantly, would your business survive?

In today's economic climate, it is vital to protect your assets and one of the most important assets you have is your data. If you lost it, it could possibly close your store. That may be hard to believe, but look at these statistics from Comdisco Vulnerability Index Research Report:

• 82% of companies are not prepared to handle a computer system disaster
• 83% of corporate data recoveries from tape backup FAIL
• Only 6% of companies that suffer from a catastrophic data loss survive

In our own backyard, we've seen it happen. Two different clients thought they were backing up and protected, but then their computers crashed and they discovered otherwise. After a year of manually inputting all the missing data, one retailer still occasionally scans an item that should be in the system but isn't. Another client lost years of data and had to pay for expensive data recovery but not all of it was recoverable.

In the category of dishonest employees, one client after six months of periodic cycle counts being off, finally traced down the problem to an employee taking fictitious “returns” and giving refunds-to herself. Another client had an employee who, as their Systems Administrator, embezzled money from them for five years. Months of sales information in their computer records was missing and she said they had been lost. Where was the backup? This company went out of business two years later.

One Step has researched resources and partnered with experienced, honest vendors to bring you layers of security specific to your needs as a retailer.
With RetailSafe, you have a professional backup service that knows retail and their data backup needs, plus you as our client get a discount for their services.
With sonicWall you get not only an intelligent state-of-the art firewall protecting you from malware, you get PCI compliance integrated into the system protecting your business from another type of disaster. You can buy firewalls including sonicWall at Amazon but none of them will be PCI Compliant out of the box. You must be trained on how to properly configure the firewall in order to meet PCI compliancy. So, buying them from anywhere else would be an utter waste of money.

With Quadrox you have a Network Video Recording system that can, among other things, integrate with your POS. The POS is a primary location for employee theft or mistakes. For example, you could quickly access the time when an employee issued a return and refund (as noted on the POS) and see actually what happened on the video—no cycle counts for six months to discover the dishonest employee.
So, start getting these layers firmly in place. If you have some or all of them already, make sure:

• they are working,
• you are verifying on a regular basis that they are working
• they are adequate for your specific needs as a retailer
• you understand them and can use all of their features
• you not only can use their features, you are using them

Retail Crime of the Future - Served with a Drink and Chips

By Amy Hanson, One Step Retail Solutions

News broke late last year about a “retail crime of the future”. Dating back to at least 2008, a small group of Romanian hackers have allegedly stolen credit card information through the POS systems of hundreds of small American businesses, adding up to more than 3 million dollars in fraudulent charges. The investigation is still pending, but the most serious attack was targeted at Subway franchises with at least 150 of their locations reportedly compromised. The 4 suspects are in custody, per the most recent reports.

The method of attack appears to be targeting certain POS “holes” through an essentially wide-open back door; a Trojan virus was then installed to give them ongoing easy access. As per the PCI Security Standards Council, those who process credit and debt payments must have a two-factor authentication for remote access to a POS system. Not having this security measure in place is where these particular businesses and franchises appear to have gone wrong.

In this digital age it is vital that retailers protect their customers by being fully PCI compliant and establishing layered security measures. PCI goals include “Build and Maintain a Secure Network” and “Implement Strong Access Control Measures” with some of the exact PCI requirements reading as follows:

“1. Install and maintain a firewall configuration to protect cardholder data…'
“10. Track and monitor all access to network resources and cardholder data.”

Did you know that reports show 56% of U.S. small businesses have experienced data breaches and 33% of all data breaches were directed at businesses with 100 employees or fewer? “The Subway credit card hack is unfortunately news that may happen with greater frequency.” says a FindLaw article about the recent 2008 to May 2011 hacks.

We highly recommend a layered approach, including installing a Sonic Wall Firewall, which offers a powerful security platform. SonicWall provides integrated anti-virus and anti-spyware, which is being updated every 5 minutes, thus providing real-time protection against a wide array of threats.

When you buy a SonicWall from One Step Retail, we configure it to be fully PCI Compliant. You also get:
• A business class device
• 3G failover, so if your Internet ever goes down and you have a 3G wireless adapter attached to the firewall then your internet will stay up.
• Content control to prevent employees from wasting time on sites like, You Tube and Facebook, etc.
• You would also be able to provide free Wi-Fi to your shoppers and secure wireless zone for mobile applications and devices.
Deep packet inspection of the entire content of information coming into the business via the Internet instead of just header or title.

"I don't know if Subway had unpatched vulnerabilities on its POS systems or what. But whatever merchants have to do, yikes, please do it." - Lisa Vaas of Sophos, antivirus software developer.

There is more to know about Firewalls than you think: Get a free Security Consult:
http://onestepretail.com/Products/SecuritySuite/

Sources:
www.pcisecuritystandards.org
http://arstechnica.com/business/news/2011/12/how-hackers-gave-subway-a-30-million-lesson-in-point-of-sale-security.ars
http://www.tgdaily.com/security-features/60147-arrests-made-over-subway-hack