Managing Risk and Securing Virtual Retail

By Courtney Radke | November 25, 2020

When it comes to evaluating the state of retail, it would be an understatement to say things have drastically changed from this time last year. The shift in consumer buying patterns due to Covid-19, and the subsequent reinvention of the retail wheel to support this change, has been dramatic to say the least. From restaurants to department stores and from grocery stores to gas stations, retailers have leveraged technology in a big way to survive, and even thrive, in an uncertain environment with no slow-down in sight. So, while it's important to understand how we got here, it is equally important, if not more so, to understand what’s next as retailers continue to adapt to and innovate to the new normal. 

Retailers Shift from "Bricks to Clicks"

Right now, we find ourselves squarely in the Holiday shopping season, with the New Year looming. In fact, the shopping season began much earlier this year due to Covid-19, with some outlets starting their “Black Friday” sales as early as September. No matter who you ask, or which survey you read, the shift to online shopping has been dramatically accelerated, with some retailers indicating a 45% increase in online sales vs. the same period in 2019. This drastic shift in the retail consumer landscape has led many retailers to adopt a “Bricks to Clicks” approach, necessitating a continued influx of technology in order to capture revenue across as much of the value-chain as possible. At the same time, traditional retail outlets have been continually challenged to adapt by creating more safe and secure omni-channel experiences by serving as hubs for BOPIS and curbside fulfillment.

Technology Adoption Continues as Retailers Meet Customer Demand

Retailers have adopted an aggressive and expansive approach to meeting their customers wherever their transactions take place. This includes such things as e-commerce web applications, mobile application platforms, contactless commerce technologies, and deploying SD-WAN to provide flexible and resilient connectivity to retail branches.

Restaurants Going 3D: Securing Delivery, Drive-up, and Drive-thru

Restaurants are a perfect case study of how retailers have drastically changed the way they operate to serve guests, finding ways to provide classic service both safely and securely. But these models have cybersecurity risks that aren’t always being addressed.

Delivery – Whether utilizing a 3rd party or building their own service, restaurants have transitioned to a delivery model to get food into the hands (and mouths) of their guests. From a security standpoint, Restaurants must ensure they have “always-on” network availability—and security— to enable the delivery process. Restaurants also need to make sure that third-party integrations and devices don’t negatively impact their security posture. Cybercriminals have been actively targeting e-commerce plug-ins, such as shopping carts, to do things like credit card skimming malicious data mining.

Drive-up – Between delivery and drive-through is drive up, or curbside service. Restaurants had been developing their drive-up service for years prior to Covid-19, but they have seen it become an absolute necessity in the last year. Like delivery, stores must have robust connectivity to support guests placing an order or announcing that they have arrived for pick-up. Unlike delivery, the experience must be consistent during the ordering process as well as check-in once the guest arrives at the restaurant. However, restaurants also need to ensure that connections (both internal and external) are secure. This is a scenario rife with possibilities for things like man-in-the-middle attacks, where criminals sitting near the restaurant can broadcast themselves as the restaurant’s WiFi, collecting customer information and pivoting to internal systems.

Drive-thru– Upwards of 90% of guests have been served off-premises during the peak of Covid-19. Many times, this interaction occurs via a drive-through window. While delivery and drive-up (curbside) services are more easily added to a restaurant’s arsenal, adding drive-thru requires a significantly greater investment. Adding a drive-thru (or more likely, multiple drive-thru lanes) also necessitates a significant focus on technology, as wired and wireless connectivity is needed not only for the more digital and personalized drive-thru kiosks, but also for the hop-out/line-buster technology that many restaurants agree is a key to effective drive-thru consistency.

As buying patterns in the restaurant industry change, will we continue to see restaurants design and deploy new operational models to better serve their guests. These include both on-prem and off-prem enhancements as well as an expanded adoption of cloud services. Organizations need to ensure that security is built into these efforts on day one.

Bringing it Home - Retailers Shift from Corporate Office to Home Office

Due to Covid-19, retailers found themselves supporting large remote workforces—some for the first time. Fast forward to now, with most organizations having at least a handle on managing a work from home strategy, making necessary long-term technological and business culture changes now becomes the reality as many organizations understand things may never return to the traditional model.

For many retailers, this means remote workers, and their home offices, must now be considered as permanent extensions to the corporate environment. Unfortunately, this brings with it increased complexity and reduced visibility. Without proper security and connectivity solutions in place, retailers must treat home offices as if they were a “coffee shop”; unknown and unsecured. This new dynamic can create significant challenges for collaboration and productivity but also raise major concerns for visibility and control.

Luckily, advances in teleworker solutions, especially in areas like small-footprint SD-WAN, mean retailers have more options than ever before to securely integrate their remote workforce into their networked environments without creating blind spots for their security teams.

Accelerating Innovation by Managing Risk

The challenge is this: while necessity can breed amazing innovation, rapid innovation often breeds risk. The continued expansion of technology many retailers face has not only significantly increased their digital attack surface, but also created complexity and inefficiencies in managing the retail environment. A major contributor to this has been the traditional approach of having decoupled network and security functions in place, which not only compounds risk but also increases cost as retailers must learn, manage, and attempt to integrate disparate products. This, in turn, leads to undue strain on network and security teams, not to mention missed threat alerts and device misconfigurations that can further expose retailers to threat actors, who already see retailers as a prime target.

The solution is a platform approach which enables the convergence of network and security functions. Only once the traditional network and security silos are broken down can retailers see full return on their technology investments. A Security-driven Network approach provides retailers with peace of mind. Peace of mind in knowing that they can confidently move forward with their next phase of digital innovation and that their next round of networking and security challenges have already been solved, whether at home, at the branch, in the data center, or in the cloud.