Most POS systems consist of desktop computer running the Windows operating system and several POS devices directly connected. Windows is a well understood and high profile target for hackers. In too many cases, the POS computer is treated like all other desktops on the operator’s network, with
the standard endpoint protection of antivirus and personal firewall.
The traditional approach to protecting endpoints focuses on detecting threats. The leaves most endpoint security vulnerable to zero day malware, where the threat has not yet been discovered by the vendor and their signature files not yet updated. Malware creators are very good at modifying the
files of known malware so that, for a time, they will be undetected as a threat.
BlackPOS, the malware used in the Target Data breach, was “in the wild” at least 3 months before being discovered and most antivirus systems could be updated to deal with it. According to Verizon’s 2014 Data Breach Report, 85% of POS intrusions compromised the target for more than 2 weeks before being detected. By the time the malware is discovered it may be too late.
Secure Your Application, Not Just Your Endpoint
The safest assumption for protecting your POS system is to assume that detection will fail. Your POS application must be able
to operate safely in an already infected environment.
is not endpoint protection. It is a fortress where your POS application can run safely and
communicate securely on a compromised machine. Like a medieval castle, It provides safe harbor in an increasingly