Securing the Digital-First Model for Retail

Retailers continue to adopt a digital-first approach to customer experience, both in-store and online. According to a recent survey by DemandScience and Comcast Business, over the next 12 months, retail IT executives will prioritize upgrades in digital customer experience (CX), network and cybersecurity solutions, expanded use of analytics-backed decision making, and increased investments in AI. To meet the customer demands of a digital-first business model, retailers need to address their critical digital infrastructure and rethink network design and cybersecurity. This article outlines the major considerations and types of solutions retailers should consider to enable fast, reliable, and secure networks and digital business.

Customer demand driving digital adoption

The pandemic drastically and rapidly changed how retailers interact with their customers. The customer preference for a more digital, frictionless experience continues to drive the adoption of digitally-enabled processes and tools such as online and contactless ordering apps, self-checkout, and AI-powered product offerings and recommendations. This rapid adoption of new technologies brings with it an increase in the complexity of network design and security architecture for IT teams.

The number of devices connected to the network has increased significantly with the proliferation of wireless POS, tablets, inventory trackers, and IoT devices. This number is expected to grow over the next five years and securing the breadth of devices is becoming increasingly challenging. Confronted with escalating threats, privacy regulations, and growing customer concerns about data security, retailers are facing unprecedented pressures to keep their network connections secure.

Retail-specific vulnerabilities

Retailers have always been attractive targets for cyber attackers and data thieves. But now, cybersecurity threats have become an even bigger concern with 24% of all cyberattacks targeted at retailers, more than any other industry. For retail security teams, the network perimeter continues to transform as data and applications move to the cloud, more devices and merchandise are connected in-store, and users are working from outside headquarters and branch locations. With the expanding range of possible entry points, PCI compliance–always a top-line security priority–can be more challenging to manage. Retail security is further complicated by the broader threat surface due to digital POS systems, eCommerce platforms, digital supply chains with third-party partners, and digital loyalty programs.

WiFi and SD-WAN for flexible and enhanced connectivity

As the consumer desire for digital ease in purchasing will only continue to grow, retailers will need to be sure their WiFi bandwidth is up for the challenge of supporting a growing tech stack. WiFi is essential for almost every aspect of retail—think in-store monitoring of customer traffic and shopping patterns, or finding a product’s location in brick-and-mortar with inventory ID tags, or tracking merchandise in another location through real-time, connected inventory systems.

Underpinning WiFi networks at disparate locations, meanwhile, SD-WAN is able to segment network traffic to prioritize and help protect critical applications. Additionally, it allows for decoupling overlay and underlay networks, enabling core networks to scale and evolve independently. This helps to control costs and time needed to manage distributed networks. SD-WAN also provides the agility to add more bandwidth to help improve application and system performance. Centralized management is a huge advantage for retail IT teams who are managing hundreds, sometimes thousands, of branch locations. They are able to push changes to all locations at once, which helps to reduce burdens on IT teams.

Enabling new customer experiences through SD-WAN and SASE

The SASE framework, short for “secure access service edge,” is a convergence of network and security services. It merges security with SD-WAN to create a single, unified cloud service with far-reaching benefits. Retailers can leverage the SASE framework to develop overarching network strategies and address the new types of cyber risks within omnichannel models.

A SASE framework can help to meet retailers’ security requirements in a few key ways.

By integrating networking and network security into a single, unified, cloud-delivered service, retailers can tap into the power of functionality like firewall, intrusion detection, secure web gateway, cloud access security broker, and more—all integrated directly into single-pane-of-glass network management solutions. That means that when it comes to delivering on the promise of next-generation shopping experiences like digital displays, mobile point-of-sale checkout, and IoT-based data collection, IT teams have the central monitoring and control capabilities to manage and protect disparate systems and applications from anywhere.

In legacy environments, retail organizations used to include private MPLS or VPN networks to connect their HQ, branches, distribution centers, with an Intranet to connect internal employees. With today’s more distributed network architecture, SASE makes it easier to secure networks, applications and users, anytime and anywhere. SD-WAN simplified networks by combining them into a single platform, while the SASE framework helps with heavy computation in the cloud across all traffic types.

Security-as-a-Service to manage complex security

For retailers, the complexity of managing today’s network security is amplified as the number of locations increases. Bringing on a partner can help manage the necessities:

• Next generation firewalls are a must for security at each location to help protect your network across POS and back office segmentation as well as between the store location and the Internet.
• Network access control (NAC) to identify devices like video cameras and IoT sensors. Managed service partners can help quarantine devices to improve security posture for the network which no longer includes just POS, but rather the need to protect east/west traffic.
• Anti-virus/endpoint detection and remediation helps protect devices on the network.
• Authentication to confirm that users are who they are in a high turnover industry.

For large retailers with hundreds or even thousands of locations or franchises, the security and IT expertise varies considerably, however, they need to help protect their organization from breaches. By leveraging the benefits of SD-WAN and managed security, the SASE framework can simplify network management and security for retail IT teams.

Be ready for tomorrow’s security threats with the next generation of secure networking solutions, with Ethernet, SD-WAN and advanced security, from Comcast Business. To learn more visit business.comcast.com/ enterprise/industry-solutions/retail