2. Check there is a strong, unique password for the system
3. Verify firewalls are active and updated
4. Ensure anti-virus software is installed and updated
5. Check if two-factor authentication is enabled
6. Review the user access controls
7. Approval: User Access Controls
8. Check if transaction data is encrypted
9. Ensure secure network connection to the POS system
10. Review data backup processes
11. Approval: Data Backup Processes
12. Check physical security measures, including camera systems and locks
13. Ensure POS is separated from other networks
14. Test for system vulnerabilities
15. Approval: Security Vulnerabilities Assessment
16. Confirm that card reader and keypad are securely attached and not tampered with
17. Regularly update all POS software applications
18. Monitor POS for suspicious activity
19. Approval: Monitor POS Activity
Confirm the POS system is up-to-date
Make sure that the point of sale (POS) system is running the latest software version. This task ensures that any security vulnerabilities or bugs in previous versions are patched. It also helps to optimize system performance and provide access to new features and functionalities. Have you checked if the POS system is up-to-date?
1. Yes
2. No
Check there is a strong, unique password for the system
Verify that the POS system has a strong and unique password to protect against unauthorized access. A strong password should have a mix of uppercase and lowercase letters, numbers, and special characters. A unique password ensures that even if one account is compromised, the others remain secure. Does the POS system have a strong, unique password?
1. Yes
2. No
Verify firewalls are active and updated
Ensure that firewalls are active and updated on the POS system. Firewalls act as a security barrier between the POS system and the external network, blocking unauthorized access and potential threats. Active and updated firewalls provide an extra layer of protection. Are firewalls active and updated on the POS system?
1. Yes
2. No
Ensure anti-virus software is installed and updated
Check if the POS system has anti-virus software installed and regularly updated. Anti-virus software detects, prevents, and removes malicious software that can compromise the security and performance of the system. Is anti-virus software installed and updated on the POS system?
1. Yes
2. No
Check if two-factor authentication is enabled
Verify if two-factor authentication (2FA) is enabled on the POS system. 2FA adds an extra layer of security by requiring users to provide two forms of identification (such as a password and a unique code sent to their mobile device) to access the system. Is two-factor authentication enabled on the POS system?
1. Yes
2. No
Review the user access controls
Review the user access controls in place for the POS system. User access controls help prevent unauthorized access by defining who can access the system and what actions they can perform. Are the user access controls reviewed and configured properly for the POS system?
1. Yes
2. No
Approval: User Access Controls
Will be submitted for approval:
Review the user access controls
Check if transaction data is encrypted
Check if the transaction data on the POS system is encrypted. Encryption ensures that sensitive information, such as credit card details, is scrambled and can only be accessed with the proper decryption key. Is the transaction data on the POS system encrypted?
1. Yes
2. No
Ensure secure network connection to the POS system
Ensure that the POS system has a secure network connection. A secure network connection uses encryption and other security measures to protect data transmitted between the POS system and other devices or networks. Does the POS system have a secure network connection?
1. Yes
2. No
Review data backup processes
Review the data backup processes for the POS system. Data backups help protect against data loss in case of system failures, errors, or security breaches. Have the data backup processes for the POS system been reviewed?
1. Yes
2. No
Approval: Data Backup Processes
Will be submitted for approval:
Review data backup processes
Check physical security measures, including camera systems and locks
Check the physical security measures in place for the POS system, such as camera systems and locks. Physical security measures help prevent unauthorized access to the system and protect the physical components of the POS system. Are the physical security measures, including camera systems and locks, in place?
1. Yes
2. No
Ensure POS is separated from other networks
Ensure that the POS system is separated from other networks to reduce the risk of unauthorized access or data breaches. Separating the POS system from other networks creates a dedicated and more secure environment for processing transactions. Is the POS system properly separated from other networks?
1. Yes
2. No
Test for system vulnerabilities
Perform periodic tests to identify and address system vulnerabilities in the POS system. Testing for vulnerabilities helps identify potential security weaknesses that could be exploited by attackers. Have periodic tests for system vulnerabilities been performed?
1. Yes
2. No
Approval: Security Vulnerabilities Assessment
Will be submitted for approval:
Test for system vulnerabilities
Confirm that card reader and keypad are securely attached and not tampered with
Confirm that the card reader and keypad of the POS system are securely attached and not tampered with. Securing the physical components of the POS system helps prevent unauthorized access and tampering with payment devices. Are the card reader and keypad securely attached and not tampered with?
1. Yes
2. No
Regularly update all POS software applications
Regularly update all software applications installed on the POS system, including the operating system, drivers, and any other relevant software. Keeping the software up to date helps ensure that known security vulnerabilities are patched and that the system is running optimally. Are all POS software applications regularly updated?
1. Yes
2. No
Monitor POS for suspicious activity
Regularly monitor the POS system for any suspicious activity that could indicate potential security breaches or unauthorized access. Monitoring the system helps identify and respond to security incidents in a timely manner. Is the POS system being regularly monitored for suspicious activity?