Securing the retail store
Published: September 20, 2005
This white paper presents the Microsoft vision of retail store security. It provides a technical roadmap to achieve the Microsoft vision and discusses alternative solutions when infrastructure, cost, and complexity constraints exist.
This paper provides information about how to improve the security of a retail store while considering state legislation and industry regulations such as California bill 700 and the Payment Card Industry (PCI) Data Security Standard (DSS) adopted by Visa and MasterCard, among others. The government legislation was enacted to help ensure that retailers and other purveyors of customer data are held responsible for protecting said data and held accountable for its theft. This paper can educate retail organizations about how to better secure their store information technology environments and can help ease the road to compliance with these regulations.
This white paper addresses security in four sections:
| • | Securing the network |
| • | Securing the system |
| • | Securing the data |
| • | Managing for security |
Each section identifies relevant technologies and describes the advantages, requirements, and considerations of implementation. When possible, generic technologies and solutions are identified followed by a discussion of Microsoft products and how they apply. Links are provided to more prescriptive guidance for each technology. And lastly, the appendix identifies how these recommendations fulfill requirements outlined in the Payment Card Industry Data Security Standard (PCI DSS).
