Take your c-store's cybersecurity into your own hands
Guest column: SOTI's Shash Anand on Zero Trust security strategies for c-stores.
At its peak the pandemic, for better or worse, accelerated technology adoption across multiple industries, including retail. There was and is, good reason for retailers to quickly and efficiently deploy new technologies to improve business processes. 38% of global consumers stated they want to return to in-store shopping with retailers they viewed as technology innovators. Twelve percent of shoppers would consider spending more in stores using technology to improve the customer experience.
Deploying technology for consumers to use is only part of the equation. Devices must be managed to ensure they are working as expected, can be fixed in a timely manner and are delivering a positive return on investment (ROI). Canadian c-store operators - large or medium - must contend with this new reality to bolster online and offline sales, and foot traffic.
The need to manage an ever-growing set of devices also requires technology and associated hardware be protected from potential security breaches.
The average cost of data breaches for businesses in Canada is over $5 million. For c-store operators/retailers such costs are prohibitive, and even a few hours of downtime for smaller c-store owners can be catastrophic. Additionally, retailers/c-store operators, regardless of size, have multiple, disparate devices and technologies that still need to have data protected.
For c-store owners, completely understanding their risk exposure to breaches is highly complex, and possibly cost prohibitive, when it comes to the staff and tools needed to assess it. Instead of looking at the workforce and budget required to do this and simply giving up, Canadian c-store owners can adopt a Zero Trust mentality for their devices and technology network.
In North America alone, 63% of businesses have made Zero Trust a higher priority. Before, smaller proprietors thought of Zero Trust as an expensive cybersecurity product. However, it’s important to note that it’s not. You cannot go to a store or a vendor and purchase Zero Trust. Instead, Zero Trust is a business strategy that assumes everything is a threat to your data or network security. Basically, it means anyone, or anything, trying to access a network must state their identity through authentication and authorization. They must prove who they are before access is granted.
Small to medium-sized c-store brands should embrace Zero Trust, as data breaches can have a devastating impact on smaller businesses. In 2020, there were more than 700,000 cybersecurity attacks on small businesses. As a result, Zero Trust and cybersecurity measures in general have become more crucial than ever.
Getting started with Zero Trust may seem complex for medium-sized and boutique c-store proprietors, but it does not have to be. Such proprietors can jumpstart Zero Trust initiatives with some best practices. These include:
Keep passwords safe by using a password manager, changing passwords frequently and not using 123456 (the most hacked password).
Adopt multi-factor authentication (MFA). Did you know 50% of small businesses have not implemented MFA? This leaves valuable data and information exposed to threats.
In a recent study, 21% of small businesses reported having suffered from a cyber-attack, yet 47% claim that they are not spending their annual operating budget on cyber security. Convenience store brands of all sizes should create the right cybersecurity plan for the size of their convenience store operations and work meticulously to ensure that all and any customer data stored in any device is secure.
Canadian c-store retailers must ensure their tech and data are securely stored and processed to successfully operate in today’s increasingly mobile and data-driven market. Now is the time to act. Implementing Zero Trust and general cybersecurity measures should be at the top of the to-do list.
As senior vice-president of product strategy at SOTI, Shash Anand oversees the company’s evolution from a single product centered around Mobile Device Management (MDM) to an integrated platform that solves many of the challenges around Enterprise Mobility Management (EMM) and Internet of Things (IoT) management.