STORES Magazine - July 2010 - (Page 68)

LOSS PREVENTION / RISK MANAGEMENT

Preventing Shoes From Dropping

When it comes to PCI compliance, Bakers Footwear prefers playing offense

BY M.V. GREENE

For many mid-market retailers, PCI compliance is the elephant in the room. The standard applies to organizations that process cardholder data, and organizations at varying levels of transactions must show they are in compliance annually. Those that aren’t risk fines and losing the opportunity to process credit card payments with banks and card companies like MasterCard and Visa.

Therefore, when it comes to PCI compliance, vigilance is the only way to go, according to Chris Spohr, information security officer for Bakers Footwear Group, a St. Louis-based chain that sells footwear and accessories for young women with more than 240 locations.

“The worst-case scenario is what you see in the news where you have a security breach where somebody gets in and gets access to cardholder data and uses that for fraudulent purposes,” Spohr says. “The other side of that is meeting the standards. If you don’t meet them, even if you don’t have a breach, then the card branches will assess you with some fines.”

Technologies do exist for companies to remain on top of their networks by detecting and neutralizing threats. But for retailers without the expansive IT budgets or personnel resources of the major players, determining how to pay for security information and event management (SIEM) can be particularly problematic. In addition, many organizations must prime their internal networks to comply with other mandates emanating from federal regulatory actions, including Sarbanes-Oxley, the Health Insurance Portability and Accountability Act, FDIC guidelines and the Gramm-Leach-Bliley Act.

Bakers Footwear maintains a three-person team dedicated to IT security – far fewer than most large retailers. “We try to pay attention to our expenditures and make wise choices,” Spohr says. “You stay diligent in trying to achieve and maintain compliance.”

Centralizing security data

Two years ago, the company determined that it needed to improve the process of centralized logging from its network for SIEM – specifically, enhancing the logging of potential security events from network routers, switches, firewalls and servers in order to gain visibility into possible threats.

Networks can become silos of disparate information. Typically, a server won’t know what is stored in a firewall, or an anti-virus detection program won’t be in sync with what is being captured through a router. Therefore retailers need to have that data centralized, scoured and compartmentalized to determine the sources of threats to the network.

In 2008, Spohr’s dilemma was finding a solution that would not break the bank or burden his small staff. His budget would not accommodate large-scale “forensic” enterprise solutions that often require additional engineering fees and third-party personnel to customize the technology for individual implementations. What he needed was a device to place on Bakers Footwear’s network that could be up and running quickly and which would assemble all SIEM log data in one place for analysis.

His staff’s manual-based system for reviewing log data was rudimentary and time-consuming — it required opening up various servers and folders individually, a system fraught with unreliability. “When you get a person doing that all the time, you spend a lot of time viewing logs, checking logs, remembering to check logs and recording that you checked logs,” Spohr says.

Bakers Footwear found its solution from TriGeo Network Security. The Post Falls, Idaho-based company has staked its market position on offering
