The Point of Sale (PoS) devices processing customers payments and programs which include customers Personally Identifiable Information.
Malicious programs sold on the black market, like the BlackPOS, a piece of malware which is designed to be installed on point-of-sale (PoS) devices, and it is capable of recording data from credit and debit cards through the infected system.
Microsoft Cybersecurity Team published a new paper focused on Protecting Point of Sale Devices from Targeted Attacks and provide guidance to hardening POS devices against attack.
MS cyber security suggest to follow these measures to protect the POS device from being comprimised:
1. Keep the POS operating system and application up to date with security patches.
2. Run the most current POS operating system you are able.
3. Use an application whitelisting solution to restrict applications.
4. Deploy a form of anti-virus to the POS device and keep the signatures up to date.
5. Use a technology to prevent unwanted changes to the POS device such as the Enhanced
Write Filter or network boot.
Download Microsoft Cyber ssecurity team paper Protecting Point of Sale Devices from Targeted Attacks