Security and Encryption Malware

Posted on by ccsretail

Security and Encryption Malware

Despite one’s best intent, systems can be infected by viruses, hacked, or crashed due to various reasons and through various sources. Having good security programs, and redundant data/program backup functions in place should be considered a must-have. However, even with these policies and procedures in place, sometimes things can go very wrong.

As a recent example:

A company’s application server was infected with a file encryption ransomware program during the middle of the day. Most of the operating system, and various programs where encrypted.

Doing a repair installation attempt was unsuccessful in correcting the issues, and ultimately, a recovery required pulling selected programs and data from multiple backups. Because the back-ups were incomplete, this created a number of residual issues related to some operating system files/features and selected programs.

This infection was later determined to be the result of all of the following:

  • Failure to restart the server after an anti-virus software update.
  • open RDP Internet ports on the server’s firewall.
  • An un-patched known security flaw on the application server that was known to be vulnerable to remote brute force connection attempts.

In this particular case, the saving grace was…

Their core application software programs and data on at least some of the redundant back-ups were undamaged by the encryption Malware infection.

The end result here was… a recovery project that could have taken weeks or months of work to complete or that could have resulted in massive irreversible data loss, ended up causing only several days of disruption and only a couple of days’ worth of data loss

While all of this might seem like a no-brainer to some, a focused plan that has built-in redundancy should be considered a must for any business.

If you would like a review of your current system for either security or and/or backup integrity, please contact CCS Retail Systems Support Department to schedule your System Security and Recovery evaluation.

– John

Modern, reliable Hybrid Cloud backup without the cost and complexity

Posted on by ccsretail

Modern, reliable Hybrid Cloud backup without the cost and complexity

SolarWinds® Backup is the simple, powerful, and affordable cloud-based backup service for your virtual and physical servers. Reduce the cost and complexity of backup without sacrificing speed or reliability. Enjoy a low TCO, with no hidden costs.

  • Cloud-based backups mean no need to worry about storage requirements
  • Protect physical and virtual servers and their applications across major operating systems and hypervisors, with a single product
  • Fast backup, rapid restore of even large machines and databases with built-in compression.
  • A single dashboard lets you verify the status of all your backups at a glance
  • Implementation is as easy as dropping an agent on each server.

HYBRID CLOUD BACKUP

SolarWinds® Backup is the best of both worlds, offering a hybrid cloud architecture that meets every need with one solution — and meets them fast. If a physical disaster like a fire takes down your hardware, you can restore fully from the cloud. If you need to recover a large file or data set quickly, you can access the local drive.

What does this mean for your business? Efficiency. SolarWinds® Backup’s hybrid cloud backup lets you manage all of your backups from a single system, so you can streamline your processes. 

BARE METAL RECOVERY

Bare Metal Recovery Disasters happen. If you lose entire systems, SolarWinds® Backup provides a bare metal recovery feature that lets you rebuild from the ground up.

With bare metal recovery, you can restore from the BIOS and get your systems back to work with nothing more than a simple bootable USB drive. Their worst-case scenario will become a minor blip on the radar, earning you. Don’t wait around for the worst—prepare for it and try SolarWinds® Backup.

TRUE DELTA DEDUPLICATION

Efficiency wins. That’s why SolarWinds® Backup features True Delta™ data deduplication, which captures byte-level changes instead of the full data set. This leads to shorter backup windows and allows for more efficient bandwidth usage.

After the initial system backup of your data, True Delta deduplication will back up changes only. And it does so at the byte level rather than the file level. Translation: The system backs up smaller amounts of data each time, allowing you to back up more frequently with less system drain. The result? Speed and efficiency, for you. 

LOCALSPEEDVAULT

When systems fail, recovery speed is everything. Your backup product must enable you to meet your recovery time objectives. That’s where LocalSpeedVault™ in SolarWinds® Backup comes in.

When LocalSpeedVault is enabled, MSP Backup & Recovery will automatically choose whether to restore from the LocalSpeedVault, the cloud, or both—whatever’s fastest. This gives you the quickest path to restoring continuity. Maximize uptime: with SolarWinds® Backup today.

BACKUP DOCUMENTS FOR WORKSTATIONS INEXPENSIVELY

Many organizations don’t back up more than a critical server and maybe a handful of workstations. This leaves their clients at risk of losing critical data. Foras low as $3 per workstation per month, the Backup Documents feature for SolarWinds® Backup will automatically back up your documents on their workstations twice per day. With SolarWinds global cloud network, you can easily restore from your cloud versions to any location.  Backup Documents lets you scale your backup services at an affordable price while providing greater protection against document loss from hardware failures, accidental deletions, or even ransomware.

Contact CCS Sales to see if the SolarWinds Hybrid Cloud Backup Manager is a good fit for your company.

Major credit card brands dropping signature requirement for North America

Posted on by ccsretail

Major credit card brands dropping the signature requirement for North America

Face it, the payment world is changing. Rapidly! From cryptocurrencies to apple pay, and now there is one more change headed for small business owners in the United States. All of the major credit card brands are dropping a signature requirement for North American purchases.
 
With signature requirements already gone in many other countries, US is playing catch up with the upgrade to EMV chips. However, come April each card company is adding new rules or relaxing current rules for signatures.
 

So what does that mean for small business owners?
 

Almost every American adult is familiar with the obligatory squiggle of your name to complete a transaction. But how secure are those signatures in helping us avoid fraudulent transactions and purchases? Not very. Putting aside all of the hassles of writing your name with a dead pen, getting something that looks somewhat like your name on an electronic signature pad, or having to deal with signatures when traveling abroad in places that are used to chip and PIN, those signatures just don’t do a good job of keeping us safe, and in reality have not been effective for a long time.

If you missed the news, all of the major credit card brands are dropping a signature requirement for North American purchases. Coming on the heels of the upgrade to EMV chips, the card issuers are relying on far better security requirements today. But how does this impact you as a business owner? Let’s take a look at what the end of credit card signatures means for you.

Credit card signatures expiration date

Each of the major four card brands in the United States, Visa, MasterCard, American Express, and Discover, is implementing a change to credit card signatures effective April 2018. Starting that day, each card company is adding new rules or relaxing current rules for signatures. They may not go away instantly or all at once, but starting in April, you can expect far fewer credit card signatures at checkout.

 

Two years later, and the chips are doing their job at point-of-sale purchases where the card is present. They can’t do much for fraud online, but for offline fraud, the chip was a great step forward. Now, it seems the time has come to say goodbye to credit card signatures as our next phase of credit card processing in the United States.

Different rules for different cards

Visa is the biggest of the card brands. To say credit card signatures are going away completely in April 2018 would be a little misleading. According to a blog post from Visa at its official Tumblr page, the signatures won’t be going away everywhere, and merchants still have some leeway to decide for themselves whether or not to make customers sign. Only merchants with an active chip reading terminal are exempt from signatures, so stores and checkouts that don’t take chips will still need to take signatures for most purchases.

This means that at grocery stores, gas stations, drug stores, and other large chains, you can expect the signature to effectively vanish on the April effective date. However, smaller businesses that have not spent the money to upgrade their card reading terminals to chip readers may still continue to ask for signatures for a while yet. New terminals run up to $1,000, so many small businesses won’t rush out to buy one, particularly if they don’t take many credit cards.

Why merchants should upgrade to EMV chip readers ASAP

While that $500-$1,000 expense isn’t exciting, a new card reader that takes chip-enabled cards is probably worth the cost. On October 1, 2015, the liability for card fraud shifted from the banks to the merchants unless the merchant is using an EMV chip reader. The liability shift is a significant occasion for any business that accepts credit cards in person. Starting on that date, any fraud caused by the business has to be paid for by the business if they don’t have the updated chip card reader. Think of the newer chip card terminals as an insurance policy against paying for the fraud that originated at your business’s card processing system.

Because Visa is still requiring signatures for some merchants that don’t have the chip reading terminals, your business is not getting the benefit of the end of credit card signatures unless you have a chip reader, which you should anyway to protect your customers from fraud and yourself from paying.

Join the next century of credit card processing

The real future of card payments likely involves no card at all and instead relies on a digital wallet with a system like Android Pay or Apple Pay, but in the meantime, customers continue to use plastic credit cards to make everyday purchases. Thankfully, starting soon, that checkout process will get a little easier thanks to the end of credit card signatures.

This article was originally published on Kredyt.com and Due.com.

A Great Way To Get Rid Of Merchandise

Posted on by ccsretail

A Great Way To Get Rid Of Merchandise

You want to free up the cash in those slow-movers to buy new, better-selling items for spring AND you want to lower stock levels, so you don’t have as much to count during your physical inventory.

One particularly useful markdown at this time of the year is a “buy-one-get-one-free” (BOGO). This promotion accomplishes two major goals:

1. Deep discount (up to 50%) encourages customers to buy

2. Moves twice as much merchandise to lower stock levels

Here are some ways to use the BOGO deal to get rid of your slow-moving stock strategically.

• You have a lot of one particular item: Do the standard, buy one widget, get one widget free. For most shoppers, this is a no-brainer.

• You have some slow-moving colors in an item: Buy an aquamarine widget (the slow-moving color), get a second widget of any color free. BOGO will help move all widgets, but specifically the aqua widget.

• You have some slow-moving sizes: Buy a large widget (the slow-moving size), get your choice of small or medium widget for free. This one’s good because the markdown will be less than 50% and you will be pushing that least popular size.

• You have two similar items that are overstocked: Buy a widget, get a thing-a-ma-jig for free. Great for gift givers who want to give similar but different gifts to 2 sisters, two teachers, two neighbors – or buy one for me, one for you!

• You have a bunch of unrelated, but slow-moving items and not enough of just one to do a good single item BOGO: Buy any one item on this table, and get a second item from the table for free. Bargain hunters love this one, and you’ll move a lot of merchandise in a hurry!

Have fun with this one and watch your cash accumulate while your leftover inventory disappears!

The Disadvantages of Using Duplicate Document Numbers

Posted on by ccsretail

The Disadvantages of Re-using Document Numbers

They are numerous reasons for not doing this as follows:

Typically, in most software applications, a document number is considered a Primary Key, so it should be considered “Unique” and would not be duplicated. However, there are some programs where it might be a Secondary key where multiples might be allowed, such as using a sequence Number, such as when using duplicate entries and historical tables such as Check History (e.g. checks, voids for the same checks, or manual payments, EFT transactions, etc.).

Even in situations where the programming might allow for this sort of thing, a duplication might cause other issues with software functionality, As examples.

  • GAAP – According to GAAP (Generally Accepted Accounting Practice) document numbers should also be considered unique. This also makes auditing easier. If an auditor sees a lot of duplicate documents, it may prompt the auditor to dig deeper looking for other accounting irregularities, thereby artificially extending the length of the audit.
  • The same Ticket/Invoice number exists in history multiple times – A user runs a report on ticket #20324 without having specified a date or date range. The subsequent report returns eight documents created over a period of 10 years.
  • Problems posting – I have seen examples where end-users have used the same invoice number dozens of times. When they try to post a new voucher using the same invoice number, the program may hang or crash while it attempting multiple times to create a “New” document for one that already exists to previously. As an example, the program might attempt to write the same document into history 10 times, and then just stop the attempts to write the new data.

The worst example of this that I have seen so far, is with one vendor that 21 manual payments on file using an invoice and check number of “SUPPLIES” – In this case, a better example would create the numbers would be something like “SUPMMDDYY” (e.g. SUP031518).

If you have any questions or need assistance with the creating your own document number assignment schema, please contact the CCS Retail Systems Support department.

– John

Signature Capture Devices

Posted on by ccsretail

 

 

Signature Capture Devices.

Would you like to have your customers signature show up on Invoices and Order printouts?

There are a couple devices that can be used to do this.

One is the Ingenico ISC250 Pin Pad, it combines a signature capture device, along with a Pin Pad and MSR for processing credit/debit card payments. It will capture the customers signature, which can then be used to print on receipts, invoice and order forms and also be looked up in ticket history without printing.

There is also the Topaz signature capture device. It will only capture the customer signature that can then be printed on receipts, invoices, and order forms.

The signature will not automatically print on the forms with these devices and will need to be added to the form of your choice.

The Topaz is a useful device if you are processing payments outside of Counterpoint (i.e. Standalone Credit Card Terminal), or would still like to capture signatures for A/R charge type sales/returns or any transaction that you set as requiring a signature.

There is a little setup required, and there are specific device models that can be used, so if you are interested, please contact the CCS Retail Systems Support or Sales Department at 800.672.4806 for help determining the right model for your system.

-Bryan