Internet Explorer Zero Day Exploit and Windows XP

Posted on by ccsretail

Internet Explorer Zero Day Exploit and Windows XP

Microsoft has reported an Internet Explorer Remote Code Execution Vulnerability  (CVE-2014-1776), that affects all versions of Internet Explorer.

 
Microsoft released a security advisory on a vulnerability in Internet Explorer that is being leveraged in limited targeted attacks. There is currently no patch available for this vulnerability and Microsoft has not provided a release date for one.
 
Various anti-virus companies have confirmed that the vulnerability crashes Internet Explorer on Windows XP.  Because of Microsoft’s recent end of support for  Windows XP on 04/08/2014, this will be the first zero-day vulnerability that will not be patched for Windows XP users.  
 
The NSA has recommended that all Windows XP users stop using internet explorer, and use another browser, at least until they are able to upgrade to a newer operating system.
 
Microsoft  stated that its EMET (Enhanced Mitigation Experience Toolkit) version 4.1 and above can mitigate this Internet Explorer vulnerability and is supported by Windows XP. Besides using EMET, many anti-virus companies and industry experts are encouraging Windows XP users to temporarily switch to a different Web browser until a patch is made available by Microsoft.

If you need assistance with protecting your systems, or upgrading your Windows XP machines,  please contact the CCS Retail Systems Support Department.

Have You Updated Your Windows 8.1?

Posted on by ccsretail

Have You Updated Your Windows 8.1?

Excerpted from betanews 

Microsoft has trouble convincing Windows users to upgrade to newer versions of the operating system, even when the update is free of charge. Windows 8 still has a larger market share than Windows 8.1, according to the latest NetMarketShare data, even though the latter is better and can be installed without paying a dime. 

So that Windows 8.1 Update does not follow the same path, Microsoft has announced it will no longer make security patches compatible with Windows 8.1 installations which do not have Update applied. 

This is something Microsoft has to do to get Windows 8.1 users to install Update more quickly. Supporting multiple iterations of the same Windows version (Windows 8.1 and Windows 8.1 Update, in this case) means Microsoft has to allocate significantly more resources than it would have to in order to support just the latest one. 

"Since Microsoft wants to ensure that customers benefit from the best support and servicing experience and to coordinate and simplify servicing across both Windows Server 2012 R2, Windows 8.1 RT and Windows 8.1, this update will be considered a new servicing/support baseline", says Microsoft in a TechNet blog post. "What this means is those users who have elected to install updates manually will have 30 days to install Windows 8.1 Update on Windows 8.1 devices. After this 30-day window, and beginning with the May Patch Tuesday, Windows 8.1 user’s devices without the update installed will no longer receive security updates". 

"This means that Windows 8.1 users, starting patch Tuesday in May 2014 and beyond, will require this update to be installed. If the Windows 8.1 Update is not installed, those newer updates will be considered ‘not applicable’", explains Microsoft. 

The our-way-or-the-highway approach that Microsoft takes is a welcome change, as Windows users are not willing to move quickly to something better, even when it is free. However, the company must be careful with how it manages the Update rollout and installation issues that Windows 8.1 users are reporting. 

If Microsoft forces them to apply Update by next month’s Patch Tuesday it will have to solve all their problems quickly, or else it may have to back pedal, and not for the first time, on what seemed to be the right way to go. 

If you have any questions or concerns about updates, give the CCS Retail Systems Support department an call at 800.672.4806 or email us

-Bryan
 

Keeping Customers Loyal

Posted on by ccsretail

Keeping Customers Loyal 

Most business owners know that keeping customers loyal should be a top priority in their marketing plan.  It’€™s cheaper, less time-consuming, and more energy-efficient to retain customers compared to finding and obtaining new customers. 

How can you make this happen in your business?  In an article for wikiHow titled How to Keep Customers Loyal, eight steps to accomplish this goal were presented. The first four are shown below; others will appear in a later blog. 

  • Make or sell the best products and train your employees to provide the best quality service
  • On a regular basis, offer your customers incentives for patronizing your business, such as providing punch cards or giving a percentage off after a given number of purchases. 
  • Provide your customers with a reason to come back. Offer a discount if they refer a new customer to your business, or give a coupon that can be used later if they purchase now. 
  • Provide a discount if several products/services are purchased up front. You could offer, for example, 20% off a package of five car washes if the customer buys the package rather than a single car wash. 
  • A satisfied customer is one who will return again and again.  Employing these techniques will help make that happen!  

Did you know that NCR’s Counterpoint has a built-in Loyalty Program that allows you to reward loyal customers with points that can be redeemed for future purchases or special incentives?Customers can earn points for all items they purchase or just for certain items. The number of points can vary based on such things as the item number, category, vendor, or sales information such as date, store, day of the week, or time of day. 

Call us today at 800/425-672-4806 or email us for more information, and don’t forget to watch for next week’s blog for four more steps for keeping your customers loyal.

NCR Merchant Solutions PCI Compliance Program – Update

Posted on by ccsretail

NCR Merchant Solutions PCI Compliance Program – Update

Many of NCR Counterpoint merchants use NCR Merchant Solutions for credit card processing

Merchants using NCR Merchant Solutions are enrolled in the NCR Merchant Services PCI Compliance Program to ensure the merchants were as protected as  possible from credit card threats, and to verify PCI DSS compliance. Starting in March, 2014, a monthly fee began to be assessed against merchants who had not verified PCI compliance with NCR Merchant Services, either via a self-assessment questionnaire (SAQ), a report from a qualified security assessor (QSA), or both.  This fee will continue until PCI DSS compliance is verified by the merchant.

The instructions for the merchant are straightforward the merchant needs to  log on to https://pci.trustwave.com/ncrmerchantsolutions and complete the validation process.

The note below was emailed to all NCR Merchant Services users, so this is legitimate and something that needs to be addressed:

"Small businesses are the number one target for criminals to steal cardholder data.  To help you reduce your risk, you were previously enrolled in the NCR Merchant Solutions PCI Compliance Program designed to help you protect your business from cardholder theft and become PCI DSS (Payment Card Industry Data Security Standard) compliant.  Our system indicates that you have not validated your compliance as required so beginning in March 2014, a Monthly PCI Non-Validation Fee of $19.99 is being added and will be billed until your compliance is validated.

Please log on to https://pci.trustwave.com/ncrmerchantsolutions to complete your validation process.  Have your MID and DBA (the business name at the top of this processing statement) ready for easy access."

If you have any questions related to the above issue, please contact the CCS Retail Systems Support Department.

– John

How Do You Train Your Employees?

Posted on by ccsretail

How Do You Train Your Employees? 

Recently, CCS helped a customer switch from another POS platform over to NCR Counterpoint (CPSQL).  As usual, we had them come in for some formal training.  Not every employee was there, but the owner, and managers were, and learned quite a bit. 

On the actual cut over day, I went on site and helped get things ready for going live the next day.  In this case the store was closed, I know that is not always possible but it was very helpful for what went on next. 

After getting everything configured and setup we setup a practice company that was an exact duplicate of the "live"company, the owner had all employees come in that day.  He had a chart of who was doing what and when.  They had 4 registers and about 12-15 employees ready to learn.  He assigned 4 of his employees to be on the registers, the rest were shoppers.  They had fake cash which was dealt out to the "shoppers" and we had set the practice company to simulate credit and debit transactions.  This was as close to being live as could be possible. 

They then had the "shoppers" shop.  Just like real customers, they filled their baskets with anywhere from 1 to 25 items, they did returns, pay-ins, pay-outs, exact cash, transactions with change, multiple tenders… they simulated what they see their normal customers do. 

It also helped to see where changes needed to be made to help their procedures flow smoothly and helped in finding where procedures may needed to be changed slightly.  After about 15 minutes or so, 4 different employees got to use the registers and they repeated the process until everyone got a chance to use the registers and shop.  The owner even ordered pizza for everyone and made it a sort of "training party". 

In all the years I have been setting up POS systems and helping users use their system to the fullest, I have yet to see someone train their users this way.  Overall, everyone had fun, learned how the new system worked and as a result "Go Live" day had very few issues with users not knowing what to do. 

If you need a refresher course, or just want some one on one training call or email CCS Retail Systems for information on when our next training sessions are.

-Bryan

Michaels and Aarons Stores Security Breach

Posted on by ccsretail

Michaels and Aarons Stores Security Breach
 

Michaels Stores Inc. reported Thursday, April 17th that approximately 2.6 million Debit and Credit Cards may have been affected by a security breach.

There are also indications that Michaels its subsidiary, Aaron Brothers was also attacked, with approximately 400,000 cards potentially being affected.

Michaels claims that it has contained the incident, which actually began sometime in 2013. has received "limited" reports of fraud from banks and the payment card brands that are potentially connected to the breach.

The compromised data includes customer information such as payment card numbers and expiration dates. Currently, Michaels has indicated that there’s no evidence of any other information such as names, addresses or PIN numbers were at risk.

The details come nearly three months after Michaels disclosed that it may have been a victim of a data breach and that it was working with law enforcement authorities, banks and payment processors.

The company indicated that both chains were attacked by criminals using highly sophisticated malware that had not been encountered previously by any of the security firms that were conducting the investigation.

The breach at Michaels stores occurred between May 8, 2013 and January 27, 2014. The breach at the Aaron Brothers stores occurred between June 26, 2013 and Feb. 27, 2014. A total of 54 Aaron Brothers stores were affected by this malware.

Michaels has indicated that is is offering free identity protection, credit monitoring and fraud assistance services for 12 months to any affected any Michaels and Aaron Brothers customers in the U.S.

Company representatives did not indicate why it too so long to inform it’s customers of the breaches.

– John

Easter Holiday Predictions

Posted on by ccsretail

Are You Prepared for the Holiday? 

Bethany Aronhalt and Kathy Grannis report that National Retail Federation’s annual Easter Spending Survey has been released, and the news is good for retailers. This survey, conducted by Prosper Insights & Analytics, predicts that the average American celebrating the holiday this year will spend an average of $137.46 on the usual holiday treats €“ apparel, food, candy, gifts, and more. Though a little less than last year’s $145.13, total spending is expected to reach $15.9 billion. 

Emerging from a challenging winter season, many Americans appear ready to start spring wearing new attire, sprucing up their home with holiday decorations, and pacifying their sweet tooth with traditional Easter candies like peeps, jellybeans, and chocolate eggs. 

On the observance of the customary Sunday holiday meal alone, either at home or at a restaurant, celebrants will be spending an average of $43.18 for this occasion. This adds up to a total of $5 billion in consumer spending, just for this meal alone! 

Personal and fun items that will not break the bank, but will still allow families to enjoy the day, will be especially sought out this year. Searching for these items may involve the use of smartphones or tablets, but seasonal advertising and store displays will entice many to visit brick and mortar stores for their purchases. 

Are you prepared to collect your share of the holiday profits?  Do you know which of your customers should be targeted for your sales and promotions events?  NCR’s Counterpoint CustomerConnect is just the tool you need for this kind of tracking.  If you would like to hear more about this feature, give us a call at 800/425-672-4806 or email us.  Make this holiday the most profitable ever!

Windows 8.1 Update

Posted on by ccsretail

Windows 8.1 Update

The recently released Windows 8.1 Update is Microsoft’s attempt at adjusting Windows 8.0 to make it more desktop friendly.  In this release there is an attempt to better meld the touch-oriented features with that of the traditional Windows desktop used in  Windows version 7.  Just some of the changes are:

  • For non-touch devices, the boot default is into the desktop mode instead of into the Metro touch user interface.
  • This update allows you to change the behavior of Windows Store apps to make the work more like desktop apps.
  • Apps can now be pinned to the Windows Taskbar.
  • Like desktop apps, Windows Store apps now have two buttons that appear on the upper right corner – an "X" for closing the app and a "- "for minimizing it.
  • There’s now a power button on the Windows Start screen. so that the user can shutdown the machine from that screen.
  • There is a Control Panel link on the bottom of the main setting screen.
  • Opening images on non-touch, now defaults to the desktop application version not the Metro UI.

While this is not currently ideal for most Windows XP and Windows 7 users, some of the changes make the operating system more user friendly for desktop users than the initial Windows 8 application.

If you would like more information on upgrading your system to Windows 8.1, please contact CCS Retail Systems Sales Department.

– John

Change – It’s Inevitable!

Posted on by ccsretail

Is Your POS System Due for a Change? 

This week has been a challenging one for those of us who still have Windows XP on their computers. A change had to happen, and for most of us, change is often distressing. We like to do things “the way we always did”. Unfortunately, that is no longer possible in many aspects of business and of life! Technology keeps moving forward and things quickly become obsolete. 

When a transition is accomplished, like moving from Windows XP to Windows 7 or 8, it’s amazing how tasks become faster and easier. (I can remember when we had to go through an operator to complete a telephone call!). All it takes is a little re-learning and you’re ready for more efficient use of your time, and this saves you money as well! 

When is the last time you looked at new features for your POS System? NCR’€™s Counterpoint, for example, has a feature called CustomerConnect that quickly and efficiently tracks your customers’ buying habits so you can target specific customers for your advertising campaigns and sales events 

Counterpoint’s CPMobile feature with POS capabilities allows you to accept credit cards, cash, A/R or check payments. You can even check inventory counts and prices on the spot with this feature. 

So what are you waiting for?  If you would like more information about these features or would like to know more about other new features, call us today at 800/672/4806 or email us. You’€™ll be glad you did!

 

Bye Bye Windows XP

Posted on by ccsretail

Bye Bye Windows XP 

Now that Microsoft has stopped support for Windows XP you might be asking yourself "What Now". Well as you can see your PC didn’t stop working or blow up, but it will not be protected like it used to or like any new Microsoft Operating Systems will be.

Does this mean that you should not use your PC anymore?  Unfortunately, that’s a double edged sword type of question. I guess the answer would be to ask yourself, "What do I do with PC", banking? email? shopping?.  As with any PC, you need to be aware of where you go on the Internet. Even legitimate sites have had issues with infecting PC’s. This means that you are more vulnerable to being infected, having your identity stolen, and have our bank account cleaned out.  Is that something you are willing to risk?

Although I do not advise it, you can still use your Windows XP machine. Maybe for research or a quick Google search.  But using it for anything personal, I would be very careful.  Microsoft did say that would continue Malware definition updates until mid 2015, but that no reason to believe you are safe.

The best remedy right now would be to update your OS to at least Windows 7, but before jumping in to that, I would be sure your PC can handle it.  Also be aware that you will need to re-install ALL software.  Installing Windows 7/8 on a PC running anything older than Vista, will wipe your hard drive before installing.  There is no upgrade path from Windows XP to Windows 7.  Another option would be to buy a PC that is preinstalled with a newer OS.  You may still be able to find one with Windows 7, if you’re not ready for Windows 8.

If you have any system questions or concerns, contact the CCS Retail Systems Support Department at 800.672.4806 or email us