Mobile and cloud demand new lines of defence

This year’s annual Retail Technology loss prevention and security feature explores how the latest technologies revolutionising retail are creating new challenges as well as opportunities

Mobile devices are already being used in retail for many back-office functions, whether for inventory and supply chain management, markdowns or stocktakes. But Jes Breslaw, Europe, Middle East and Africa marketing director for secure mobile file sharing provider Accellion, questioned: “How much of this though is done securely? And is there a more effective way for head office functions to distribute information securely and more directly?”
More recently, retailers have not only had to secure corporate devices. The advent of the ability for staff to now also “bring your own device” (BYOD) to work has further security implications. “With mobile file sharing and collaboration, files can be sent and received securely from the mobile device,” Breslaw added. “Compliance obligations can also be met with full auditing of what is done and when. If used wisely, BYOD and cloud services can bring significant cost savings and organisational efficiencies in the way retail enterprise works.”
Physical security remains priority
Bill Farmer, chief executive of cloud-based secure network management company Mako Networks, pointed out that even the new 'online' nature of face-to-face retail has its challenges in terms of maintaining front-of-house security too. “The instore retail environment is seeing more business-essential computer devices connected via a wireless network such as instore kiosks, mobile PoS and tablets,” he said. 
“The forecasted growth of BYOD payments expectations among customers will no doubt add to this. Retailers need to look for security solutions that protect and wherever possible segregate payment and personal data as it passes through a network, regardless of which device takes the transaction,” Breslaw advised, suggesting strong passwords and effective firewalls and network monitoring capabilities were essential. 
While mobile and cloud technologies offer retailers process advantages and opportunities, the BYOD trend is a key example of how retailers will have to redouble security efforts to manage the maturation of emerging trends, including mobile payments.
Protecting mobile targets
Guy Yehiav, chief executive at predictive analytics vendor Profitect, said: “The challenge facing mobile payments is the location of the transaction. With the ability to transact anywhere, mobile PoS [point of sale] has made retail investment in CCTV obsolete by moving out of camera focus or range. Retailers should consider the ability of shoppers and employees to circumvent their camera investments.”
But Yehiav also said another emerging IT trend around ‘big data’ analytics could help. “Most retailers analyse their business in the aggregate, rather than the lower level detailed information that impacts their business (transaction, SKU, store, etc.),” he explained. “Analysing big data at the lowest level will help retailers find patterns to find leakages across the value chain, identifying the root cause, whether personnel, system glitch or process failure.” M-commerce may still be in its infancy, Akif Khan, director of products and services at electronic payment and risk management services provider CyberSource, urged retailers consider that additional channels mean new risks, with more opportunities for fraudsters.
Build security into m-commerce 
“It is difficult to have an accurate view of how fraud rates around these new technologies differ from traditional channels,” Khan said. “In the exciting rush to launch a mobile channel, details such as accurate fraud reporting can often be an afterthought. One of the ways that retailers can manage multiple sales channels, have the flexibility to track orders and effectively manage fraud is through the implementation of a single management platform.”
It becomes difficult, for instance, to check a buyer's internet protocol (IP) address as part of the fraud screening process for verifying an online transaction, if they live in London but are buying via their mobile in Liverpool, suggested Kahn. “This is where the single platform approach could be beneficial for retailers,” he concluded.
“By considering these best practice principles retailers can make the transition from a traditional to an ‘omnichannel’ approach as painlessly as possible.”
This story first ran as the introduction to the 'Loss Prevention & Security' feature in the March/April 2012 issue of Retail Technology magazine. Click here to subscribe to the print edition or register for the free e-version.