The convenience of remotely accessing your POS system anywhere at any time can be appealing. It can save you and your IT team and/or service provider a visit to your office or store. However, the advantages of remote management software can also bring risks to the security of your customer’s card payment details.
Here are some tips on what you should and shouldn’t do when remotely accessing your POS system.
What you should do;
1. If remote access to devices is required, only enable it for the time need for work or completing updates. Always ensure the latest remote management tools and applications are used.
2. Use network segmentation including firewalls and separate internet and security cameras in your POS environment.
3. Work alongside your service providers to make sure your POS system is configured securely and is up to date with PCI Compliance.
4. Consider using security testing, risk assessments and multi-factor authentication to find vulnerabilities and make sure you are using strong access controls.
What you shouldn’t do;
1. Don’t use your POS system to look online or check emails, it’s only used for processing payments.
2. Don’t share your log in details for remote access devices or anything connected to your POS system.
3. Do not use your remote access to access your security cameras in your business.
4. Don’t leave remote access on after you have completed your work, as this enables hackers to access your POS.
Remember the do's and don'ts of remote access and POS systems and you’ll be well on your way to meeting the objectives of PCI compliance.