Overview

At a market size of $5 trillion, retailers have one of the largest information security risk surface areas. With millions of customers using credit cards, web- and mobile-accessible shop fronts, wireless networks at brick-and-mortar stores, and extensive, interconnected supply chains, retailers are more than ever in the crosshairs of every cyber-criminal.

Aujas Solutions

We assist our retail clients in effectively protecting their data, managing security incidents and vulnerabilities, and governing their risk and compliance programs. Find out more about our:

Data Protection

The retail industry depends on data and protecting it is of prime importance. Retailers’ data has privacy and financial implications because it includes customer demographics and payment details.

Our data protection service helps retailers identify and classify sensitive data throughout its lifecycle, including how it is stored, processed and transported across the organization. We assist our customers with:

  • Establishing a data protection framework and strategy to help govern the management of sensitive data such as customer demographics, card data, shopping history, loyalty program, supplier information, pricing, marketing plans, and more.
  • Conducting data flow assessments (DFA) to identify where and how sensitive data is stored and used. We also conduct data leakage risk assessments (DLRA) to identify breach vectors and risk.
  • Integrating popular data protection technologies such as data leakage prevention (DLP), database activity monitoring (DAM), information rights management (IRM), data encryption, tokenization and masking/redaction technologies.
  • Monitoring their data protection technologies to identify potential data breach incidents, manage consequences, improve effectiveness by fine-tuning rule bases, and move rules from passive monitoring to active protection.

Our data protection experts work with the retailer’s functional areas such as sourcing and procurement, store operations, finance and accounting, HR, IT, marketing, and others to identify and secure sensitive data. Learn more about our data protection services.

Risk & Compliance Advisory

Retailers must comply with standards and regulations including PCI DSS, FACTA, privacy acts, and in some cases HIPAA. Retailers also look to implement an information security management system that is aligned with industry best practices such as ISO27001 to govern their security program.

We provide services that not only help with PCI DSS compliance but also help retailers automate GRC programs. Our risk and compliance services include:

  • Our integrated governance, risk and compliance (GRC) management approach allows our customers to build a system that integrates all the compliance requirements to minimize audit fatigue.
  • We help our customers through the journey of PCI DSS compliance by not only assessing the readiness levels (which is easy) but also helping in the readiness efforts. Our Compliance Manager solution helps our customers automate self-assessments.
  • One of our specialties is IT GRC automation consulting using RSA Archer eGRC Suite. We support our customers through the lifecycle of blueprinting the solution, deploying it, integrating it with the organization’s processes and systems, and managing it. Learn more about our risk and compliance management services.

Security Intelligence

Knowing they are big targets for hackers, retailers today have deployed technologies such as traditional SIEM, the newer security analytics engines, exfiltration detection, advanced malware detection, and data leakage prevention.

While these technologies are critical for the success of incident management programs, retailers can still struggle with implementing them effectively. That’s where Aujas can help. Our services are designed to help retailers gain the maximum return on their investments:

  • We assist our clients in establishing a more responsive incident management program by incorporating proactive and reactive processes. We enable our customers to define Indicators of Compromise (IoC), work with threat intelligence, and use it with their threat management program.
  • We use our Correlation Library to provide an accelerated deployment of rules for various SIEM/SA/SI technology providers.
  • We offer our solution for Analytics & Visualizations beyond SIEM/SA tools, to help security leaders see through the reporting fog and focus on what is critical.
  • We design custom SIEM/SA solutions that go beyond the traditional security event analytics and integrate analysis and correlation capabilities to solve other issues such as identity fraud. Learn more about our security intelligence services.

Threat Management

Many retailers offer online and even mobile shopping to their customers. Some sell their products only in online stores. While this is convenient for customers, it presents big security challenges for retailers.

Our application security services allow our clients to assess and secure the infrastructure, and web and mobile applications:

  • We help our clients design, develop and manage vulnerability management programs that leverage threat intelligence to anticipate and proactively mitigate vulnerabilities.
  • We assess infrastructure, application and mobile application security by conducting vulnerability assessments, penetration testing and code reviews. We don’t stop at scanning technology; we help you mitigate the risks found. Our security assessments meet and exceed the ASV standards set forth by PCI.
  • We help our customers mitigate Advanced Persistent Threats with our APT risk mitigation service.
  • We offer human behavior evaluation using our cloud-based Phishnix. This program not only assesses how susceptible people are to phishing attacks but also trains them to avoid attacks. Learn more about our threat management services.

Case Studies

Retail

Retail Giant Eliminates Data Leakage Threats

Our client is the world’s third-largest retailer, with a turnover of $115 billion (£72 billion) and a presence in 12 countries, holding a market leader position in six. With over half a million employees, 6,600 stores, and a strong online business, this retailer is known for bringing best value, choice and service to millions of customers. The company also operates an extensive loyalty program that has operations similar to a bank.
