PCI Council urges retailers to protect against malware
Wakefield, Mass. – In light of the recent announcement of the “Backoff” malware threatening the POS security of retailers, the PCI Council strongly encourages companies as a matter of urgency to consider the following recommendations:
1. Contact your provider of antivirus solutions and ensure you have the most recent and up to date version of antivirus software that will detect “Backoff” and other similar malware.
2. Run this solution immediately.
3. Review all system logs for any strange or unexplained activity, especially large data files being sent to unknown locations.
4. Require all default and staff passwords on systems and applications to be updated. Provide good guidance on choosing a secure password (see PCI Data Security Standard Requirements 2,8).
Should systems be found to be infected or unusual activity suspected, companies should contact their acquiring bank immediately.
Regarding malware specifically, the PCI Council recommends that organizations should review the following security risk mitigating control areas outlined in PCI Data Security Standard (PCI DSS) 3.0:
• Proper firewall configuration — Requirement 1
• Changing vendor defaults and passwords on devices and systems — Requirement 2
• Regularly updating anti-virus protections — Requirement 5
• Patching systems — Requirement 6
• Limiting access and privileges to systems — Requirements 7,9
• Requiring 2-factor authentication and complex passwords — Requirement 8
• Inspection of POS devices — Requirement 9
• Monitoring systems to allow for quick detection — Requirements 10, 11
• Implementing sound security policies for preventing intrusions that may allow malware to be injected — Requirement 12
• Managing third-party access to devices and systems, and specifically remote access from outside a merchant’s network — Requirements 8, 12
PCI standards provide layers of defense to ensure businesses can prevent, defend and detect attacks on their systems. The PCI Council advises that daily coordinated focus on maintaining these controls, making payment card security a business as usual practice — provides a strong defense against data compromise.
MarketLive integrates Visa checkout
Petaluma, Calif. – MarketLive is integrating Visa Checkout directly into its e-commerce platform. Visa Checkout is a new way to pay online, on any device, with a few clicks.
Integrating Visa Checkout into MarketLive’s e-commerce platform allows MarketLive’s retail customers to offer the service to a growing number of consumers who are shopping via smartphones and tablets.
“We are the first enterprise e-commerce platform to do a full integration of Visa’s mobile-optimized Visa Checkout, which sets us apart from other technologies and makes it easier for our merchants to simplify the payment process for their customers,” said Ken Burke, founder and CEO of MarketLive Inc. “We can offer customers the trusted Visa brand as one of their checkout options, and help decrease cart abandonments, especially on mobile devices.”
Keurig Green Mountain adds Coca-Cola exec to board
Keurig Green Mountain has appointed José Octavio Reyes Lagunes, retired vice chairman of The Coca-Cola Export Corporation, to its board of directors.
"We are very pleased to add an executive of Mr. Reyes’ caliber to our board of directors,” stated Norm Wesley, Keurig’s chairman of the board. “José’s significant experience in the cold beverage industry and his global perspective make him an ideal addition to the Board of Keurig as we look forward to the introduction of our Keurig Cold beverage system and to growth opportunities outside of North America for both our Keurig Cold and our Keurig hot beverage systems."
Reyes will be a Class I director with a term that expires at the company’s 2015 annual meeting where he will stand for election by stockholders. Reyes’ appointment increases the composition of Keurig’s board of directors to 12 members, 11 of whom are independent with diverse experience from companies including Fortune Brands, American Express, Kellogg Company, Credit Suisse Group AG and Proctor & Gamble.
Prior to his most recent role at The Coca-Cola Export Corporation, which he had held since 2012 and where he was responsible for mentoring system leaders around the globe and leading efforts to implement key initiatives of The Coca-Cola Company’s 2020 Vision, Reyes served as president of the Latin America Group of The Coca-Cola Company from 2002 to 2012. Reyes began his career with The Coca-Cola Company in 1980 at Coca-Cola de México as manager of strategic planning. In 1987, he was appointed manager of the Sprite and Diet Coke brands at corporate headquarters in Atlanta. Reyes moved to Brazil in 1990 as marketing director for the Brazil division and subsequently was named marketing and operations VP for the Mexico division. Reyes then became deputy division president for the Mexico Division in 1996, and was named its president later that year.
Reyes holds a bachelor of science in chemical engineering from the Universidad Autónoma de México and a master of business administration (MBA) from the Instituto Tecnológico de Estudios Superiores de Monterrey, both in his native Mexico. He currently serves on the boards of directors of MasterCard Worldwide, Coca-Cola Hellenic Bottling Co., Comex Paints and the Papalote Children's Museum in Mexico City.