Data Security: Retail’s New Top Priority
In recent years, customer engagement has become much more of a mission-critical function for retailers. While nobody would argue that retailers must engage their customers in a way that recognizes the disruptive effects of leading-edge technologies like social and mobile, there is a priority that looms even larger. Namely, data security.
Insecure Data Creates Insecure Customers
Engaging a customer successfully, only to have that customer suffer a breach of sensitive information that could subject them to theft of both their money and their identity, is far more damaging to your long-term brand health than not engaging them at all. Data security is the foundation upon which all other retail activities rest. Without it, retailers may find themselves facing an angry and mistrustful customer base only willing to conduct cash-based, anonymous transactions. That model worked well up to the 1950s but is not a framework for 21st century commerce. Here are a few quick suggestions to help retailers put data security at the center of customer engagement and everything else they do in the course of business:
The Time Has Come for PIN & Chip
Unlike most of the rest of the world, U.S. retailers still rely on payment cards that store sensitive data on magnetic stripes and use customer signature for verification. This simplistic security technology has been around for roughly 50 years and is easily defeated by skilled hackers.
Outside the U.S., retailers typically use PIN & chip payment cards that store data on embedded microchips and rely on customer PINs for verification. They are not invulnerable, but PIN & chip cards are much more sophisticated than magnetic stripe cards and offer consumers and retailers a higher level of security. Retailers would need to collaborate with banks, credit card companies and POS systems providers to make PIN & chip a reality in the U.S., but it’s no accident Target has said it wants to revisit a PIN & chip pilot it ended 10 years ago.
Compliance is the First Step
The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements mandating that retailers securely process, store and transmit credit card data. PCI DSS compliance provides a data security baseline, but in and of itself does not guarantee data security. The standard is not a law and enforcement is spotty. Beyond that, simply meeting PCI DSS standards in no way protects retailers from the type of highly sophisticated and relentless attacks they are now facing (see more details below). Once you have met PCI DSS compliance, the real work in securing customer data begins.
Know Your Enemy
Despite popular depictions of “hackers” as teen loners operating from their parents’ basements, the reality is today’s data security threats come from international criminal groups and even nation-states. The software program used to penetrate Target’s data security defenses originated in Eastern Europe and has been distributed globally via underground websites, and there is strong evidence that partially or wholly hostile nation-states such as China and North Korea have engaged in hacking the systems of U.S. businesses.
Thus, retailers need to use the same type of encryption, antivirus software, and other data defense mechanisms employed by U.S. government agencies. Achieving this level of data security requires considerable expense in expertise and technology, but losing the faith of your customers is a much costlier proposition.
Shooter kills self, two employees at Maryland mall
Columbia, Md. – A lone 19-year-old gunman killed two employees of a Zumiez store at The Mall of Columbia in Columbia, Md., on the morning of Jan. 26. Media reports indicate that local authorities began receiving 911 calls about the incident at the suburban Baltimore mall at 11:15 a.m. ET.
Police arrived within two minutes and discovered three bodies, including that of the shooter, in the store. Six shots were fired from a shotgun found at the scene, and one other person was wounded in the foot by gunfire and another four were injured during the crowd reaction to the shooting. The mall was closed following the incident and thoroughly searched by police for other shooters, weapons and explosives. Other than two crude homemade explosives and extra ammunition found in the shooter’s backpack, police found no other weapons or devices.
The shooter has been identified as Darion Marcus Aguilar, 19. The victims, Brianna Benlolo, 21, and Tyler Johnson, 25, both worked at the store. A motive has not yet been established and so far no connection has been made between Aguilar and the victims. The mall is scheduled to reopen at 1 p.m. ET on Jan. 27.
In a statement, Zumiez CEO Rick Brooks conveyed the company’s sympathies.
“The Zumiez team is a tight-knit community and all of our hearts go out to Brianna and Tyler’s families,” he said.
Shakira’s exclusive album available for pre-order at Target
Target and international pop star Shakira are teaming up to release an exclusive deluxe edition of her latest album, “Shakira.” It’s Target’s first major artist collaboration of the year.
The exclusive deluxe edition will include three bonus tracks and is available for pre-order now at Target.com.
“There were three special songs I recorded for ‘Shakira’ that I decided to save for the version of the album available only at Target,” explained Shakira.
The exclusive deluxe edition of “Shakira” will be available in all U.S. Target stores and at Target.com March 25.
“With three special bonus songs on our exclusive album, Shakira joins an unparalleled group of remarkable artists that partner with Target to give our guests more music,” said Anne Stanchfield, divisional merchandise manager of entertainment. “Shakira is an international icon with an enormous following of fans that love her distinctive voice, boundless energy and hallmark dance moves. Guests will be thrilled with the three bonus tracks that can only be found at Target.”