Best Network Security Practices for Merchant Processing

Cards and padlock online banking, credit card transactions, trading, protection, fraud, identity theft, etc.

Best Network Security Practices for Merchant Processing

Protecting and securing consumer data should be an imperative policy. Securing consumer data can increase consumer shopping confidence and add value to your business reputation. Here are some guidelines for safeguarding merchant terminals from internet hackers. While not all the policies listed below may be necessary, it is recommended that you properly understand all network vulnerabilities and implement a series of policies based on potential exposure.

  • Purchase a leading Anti-Virus and stay patched, updated.
  • Review firewall configurations and ensure that only allowed ports, services, and Internet protocol (IP) addresses are communicating with your network. This is especially critical for outbound (e.g., egress) firewall rules in which compromised entities allow ports to communicate to any IP address on the Internet. Hackers leverage this configuration to ex-filtrate data to their IP addresses.
  • Segregate payment processing networks from other networks.
  • Apply access control lists (ACLs) on the router configuration to limit unauthorized traffic to payment processing networks.
  • Create strict ACLs segmenting public-facing systems and back-end database systems that house payment card data.
  • Implement data leakage prevention/detection tools to detect and help prevent data exfiltration.
  • Implement tools to detect anomalous network traffic and anomalous behavior by legitimate users (compromised credentials).

Resources: US-CERT – Department of Homeland Security

See related links:

Securing Remote Control Software and Stations

Best Practices for Cash Register and PoS Security

Backoff Point-of-Sale Malware US-CERT Alert (TA14-212A)