The cyber security challenge for retail branch IT

Over the last few months, cyber security has been one of the most talked-about challenges for businesses across all industries. This has been put into sharp focus by recent media coverage of cyber attacks that have affected thousands of companies across the globe.

The retail sector is in the frontline of the cyber attack battle. Retailers need to be concerned about the security of their own data, and that of their customers. Lack of customer confidence in data security impacts brand value. Add to this the demands of compliance, particularly for electronic payment, and the scale of the potential impact of security breaches such as customer data loss, malware, ransomware and distributed denial of service (DDoS) is very clear.

In this battle, it’s important that branch IT – the remote, often outdated element of the IT estate – is not the weak point in the frontline, providing easier access to those who wish to do damage. It’s not enough to invest in protecting just the head office or the data centre – the branch network must be brought into the equation.

But this isn’t easy. Branch IT is, by its very nature, highly distributed, often remote, and rarely served by local IT expertise. This can push up the cost of implementing and maintaining a branch security strategy, and could discourage an already overstretched IT team from giving it the attention it demands.

The old mantra of ‘if it isn’t broken, don’t fix it’ doesn’t apply when considering the ever-escalating security challenge. With evolving security and compliance requirements, there’s a greater need to make sure branch IT is secure, to keep customers happy (they have an expectation that retailers are keeping their details safe and private) and meet compliance requirements.

Security is not just about implementing state-of-the-art security applications, but about implementing and maintaining a secure IT infrastructure across distributed branches; ideally an infrastructure which has been designed from the ground up with security in mind.

Supported operating systems

One of the key things for any IT manager to look at is the operating system within the branch. Is it current? And is it still supported? While short-term attention may focus on addressing desktop operating systems and whether or not they are still supported by the provider, longer term attention must be focussed on ensuring that supported operating systems are being used on organisations’ servers. The same challenges exist; supported platforms have patches available, non-supported systems don’t, and the impact of server hacking can be huge.

Patching, keeping current and keeping compliant

This leads to a discussion on patching. One of the most important requirements for IT is to keep infrastructure current, apply security patches and install updates. Of course, this is not as easy as it first sounds, especially when you have disparate virtualised and distributed systems, all running slightly different IT stacks.

But it’s crucial, not only to protect infrastructure, but also to ensure it continues to comply with compliance frameworks. Automation has to be at the heart of any viable current solution, otherwise the risk of human error becomes too great.

More than the firewall

When looking at branch network security, it is essential to choose a solution which comes with the same high levels of security that you find with cloud services. This has to include segmentation, logging, intrusion detection and file integrity monitoring so that these solutions can achieve equivalent levels of compliance.

Advanced automated backup

Given the prevailing attitude that cyber attacks are imminent, business continuity and disaster recovery plans are now forming part of protection strategies. This is particularly important to guard against ransomware attacks — attempts to extort money by encrypting data.

Regular updates and anti-virus software form the first line of defence against such attacks, but if the virus manages to breach these defences, the only solution is to restore from a backup or a snapshot.

To be effective against ransomware and to minimise disruption to users in the event of an attack, backups or snapshots must be taken frequently, retained for an extended period (in case the virus is not detected right away), capable of being rapidly restored and inaccessible to the infected computer — and therefore the virus.


Maintaining a distributed IT infrastructure comes with challenges, many of them security-related — especially when it’s across hundreds or thousands of branches. It is here that automation and the right tools can assist in preventing these cyber security attacks, from patching and updates to automated backups.


Sourced by Brian Buggy, VP Products, Zynstra


Nick Ismail
