Small Business Lesson from Target’s Breach

Target was the first major retail outlet that made national news with their credit card breach.  Your company may not make the national news for losing your client data, but what can you apply to make your work environment safer?

Target’s Big Error

There was no separation between Target’s credit card processing network and the air conditioning and heating controls.  All of the critical systems to make a large store like a Target were all on the same network.  The heating and cooling controls shared the same cable connections at the cash registers. There is no reason the for the heating or A/C controls to have access to the cash registers, but this is something that Target missed in their system planning.

In your  business you probably have the same exposure.  Everything runs on a single group of connected wires.  Your bank deposits, wire transfers, 401K and payroll deposits do not have to be done on the same virtual network as your email.  You can create a second machine with free software for financial transactions on any Windows 7 or Windows 10 computer in your office. Separation from your email is important because 66% of breaches are from email phishing attacks.  These phishing messages can be generic email messages or targeted at your staff or executives.

Big Picture overview

There are two ways to separate your financial internet transactions from your everyday internet usage.  Both use a virtual computer embedded in your current machine.   This technology is available for free from Microsoft in Windows 7 or Windows 10.  Oracle also has free software to accomplish this with software program called VirtualBox.   Since the virtual machine is only used for financial Internet transactions this machine will run Puppy Linux.  FireFox will be the default browser for all Internet  access on the Puppy Linux machine.

All Virtual Network

The Puppy Linux virtual computer will use a virtual local network to pass information back to the Internet router.   Internet data from the real computer and the virtual computer will be on the same network card.  The computer will have different ID’s for their data transmission to the Internet.

Assess Your current structure

Separating the general business communications from the financial transactions is not a large task. Follow this list to identify your financial processing devices.

  • First make a list of the financial transactions in your business. 
  • Credit card processing should be segmented in it’s own group. 
  • Bank transactions of any type into another group. 
  • Identify all the devices that run credit card processing. 
  • Identify all the devices where bank transactions are processed.

Review your current network hardware

You may already have all of the hardware to separate your regular business internet traffic from your financial internet traffic.  Most network switches can accommodate virtual local area network technology.  This allows traffic between two groups in the same work space to be separated.