Business Daily from THE HINDU group of publications
Monday, Nov 13, 2006
ePaper
eWorld
Features
Stocks
Cross Currency
Shipping
Archives
Google

Group Sites

 eWorld - Interview
Info-Tech - Security
Marketing - Retailing
Don't buy trouble

Paromita Pain

SonicWALL says its solutions can promote security in the retail space.

Retailers are capturing more and more information about their customers and sharing this across widely distributed, connected set-ups, creating an enticing target for hackers.


Shubhomoy Biswas

The retail sector is booming. And that spells a big opportunity for India. Shubhomoy Biswas, Country Manager, SonicWALL India, says, "Rated the fifth most attractive emerging retail market, India is being seen as a potential goldmine."

But when you buy what you want online, are you buying trouble too?

eWorld caught up with Biswas on security in the retail space. Excerpts from the chat:

What is the market for retail security in India today? How is the space set to grow?

India has been ranked second in a Global Retail Development Index of 30 developing countries drawn up by AT Kearney. AT Kearney has estimated India's total retail market at $202.6 billion, which is expected to grow at a compounded 30 per cent over the next five years.

With the organised retail segment growing at the rate of 25-30 per cent per annum, revenues from the sector are expected to triple from the current $7.7 billion to $24billion by 2010.

With the organised retail sector poised to grow significantly and use of plastic money becoming the key choice of purchase, the retail security market too is expected to grow in similar proportions. The growth will also come from other retail service outlets in the hospitality sector.

What are the different threats the space faces?

Retail Security plays a critical role in an organisation's productivity and many are looking to new technologies to improve output, reduce costs, and generate increase in sales revenue.

Next generation POS (point of sale) systems are coming up with new capability ranges. The new systems enable free flow of information between the head office and various nationwide locations.

By combining new networking technologies with next generation POS solutions, retailers are considerably improving the timeliness and flow of information within their organisations, leading to improved efficiency and higher levels of customer satisfaction.

These new technologies, however, also pose high-risk threats such as viruses and worms.

Retailers are capturing more and more information about their customers and sharing this information across widely distributed, connected organisations, creating an enticing target for hackers.

One of the more recent cases was brought against discount shoe retailer DSW Inc, which reported that credit card data had been stolen from its computers.

In the FTC (Federal Trade Commission) complaint, the government agency said that the retailer transmitted customer charge information wirelessly between cash registers and the in-store network.

While this practice by itself poses no inherent risk, and many retailers are embracing such wireless designs, the FTC said that the retailer did not secure the wireless environment adequately.

Therefore, it is vital to deploy strong wireless security to protect sensitive information transmitted over wireless networks.

Standard security measures included in today's wireless networks are flawed and can be compromised with hacker tools readily available on the Internet.

One of the most useful guidelines a retailer can turn to is the credit card industry's Payment Card Industry (PCI) Data Security Standard, which outlines the policies and technology necessary to comply with legislative mandates, to protect the retail network, and to keep customer data safe and secure. The standard calls for common-sense protocols such as avoiding use of vendor-supplied defaults for system passwords, and restricting physical access of cardholder data; and use of technology that includes firewalls, anti-virus software, and encryption technology.

What are the special challenges you face while designing specific products for clients and how do you meet them?

SonicWALL has understood the challenges of the retail and hospitality segments and has developed products that not only are technology superior but also help customers fulfil necessary regulatory norms.

All our security appliances are designed to deliver retailers a comprehensive set of essential security functions in a single, integrated device.

Virtual private networking (VPN)IPSec provides secure communications over the Internet to protect sensitive information transmitted across POS networks.

An ICSA-certified, deep packet inspection firewall shields POS networks from outside intruders such as hackers and worms.

Back-up connectivity enables retailers to ensure continuous availability of vital POS systems.

Advanced wireless LAN security protects sensitive customer or business information as it travels over public airwaves. SonicWALL's Anti-Virus solution protects against fast-moving viruses.

The company's integrated Content Filtering lets retailers provide employees and customers Internet access while blocking inappropriate or objectionable sites.

The SonicWALL TZ 170 Series is an ideal security platform for small networks such as retail and restaurant locations.

The company's award-winning GlobalManagement System (GMS) provides centralised control of all SonicWALL devices and is scalable to manage hundreds or thousands of remote devices, says Biswas.

Tips from IT Secure

For those interested in pursing retail security concepts as a career option, Peter Theobald, CEO, IT Secure, a security solutions consultancy, has some tips:

Someone managing retail security must understand the entire gamut of operations of the retail outlet, with reference to the integration of their IT infrastructure with their business practices, starting from inventory to POS data capturing to reporting to stock replenishments.

One must also understand the weaknesses in this chain as well as the security technologies available to protect against them. It is also imperative to understand the communication methodology between the retail outlets and HO and knowing the communication options to ensure secure connectivity and redundancy.

There are qualifications for those interested in security (not just retail security): CISSP and CISM.CISSP (Certified Information Systems Security Professional) is the award for successful completion of an examination in computer security administered by the International Information Systems Security Certification Consortium (ISC)2.

The subjects covered include security management practices, security architecture, access control, operations security, cryptography, network and Internet security and disaster recovery.

Certified Information Security Manager (CISM) is a designation awarded by the Information Systems Audit and Control Association to individuals who pass a written examination and have at least five years of information security experience with a minimum three years of Information Security Management work experience in particular fields.

paromita@thehindu.co.in

More Stories on : Interview | Security | Retailing

Article E-Mail :: Comment :: Syndication :: Printer Friendly Page

Stories in this Section
Going green ... with IT

RFID tags - an eye on how you buy
Call me sentimental
Sharing photos
Windows XP installation problem
Mobile way to business
Don't buy trouble
The spectrum equation
Time to score more hits
Quiz

The Hindu Group: Home | About Us | Copyright | Archives | Contacts | Subscription
Group Sites: The Hindu | The Hindu ePaper | Business Line | Business Line ePaper | Sportstar | Frontline | The Hindu eBooks | The Hindu Images | Home |

Copyright © 2006, The Hindu Business Line. Republication or redissemination of the contents of this screen are expressly prohibited without the written consent of The Hindu Business Line