Why?
Mobile point-of-sale (mPOS) systems are replacing the old traditional methods and picking up pace with retailers all over the world. Because they are available practically everywhere, mPOS systems and applications have become a new target for cyber attackers. Enticed by the heaps of consumer information and data available, a cybercriminal can find a legitimate way to access the systems through the security controls, access a server anonymously, or find a logical flaw and exploit it. As the number of systems in a network increases, so do the threats and the attacks. Avoiding such attacks is difficult, but with a few measures we can detect them and try to mitigate them. Sandboxing is one of the solutions that can handle such issues. Simply put, sandboxing is implemented at the application layer: it virtualizes software and allows processes and programs to run in their own private virtual environment.
Issues:
Building a highly secure wall around your applications, systems and network, and protecting them from breaches and attacks, requires skilled personnel and equipment, which means a heavy investment of cost, time and energy. A sandbox could be a solution to many of these trade-off issues. If anything is found to be suspicious, the sandbox immediately runs the application without being affected by the malicious actions the application might perform.
Instead of using so much workforce, a single system administrator could support and maintain a sandbox. He can manage the history of the tests, set up the dates for refreshing the sandboxes, and maintain the status of each sandbox (active or inactive) and its assigned tasks.
As already discussed, a sandbox creates a virtual environment, and hence we do not need to copy agent or user profiles, apps and their integrations, APIs, automations or macros.
Implementation:
Implementing a sandbox is a user-friendly procedure. Following the manual instructions, we can create a sandbox. To begin with, appoint a data admin or a sys admin to take care of the sandbox and initialize it.
Hardware and software requirements: A computer with a minimum of 8 GB of RAM and a decent processor would be enough to set up a sandbox.
Security frameworks such as SELinux and AppArmor, or the sandboxing facility built into the Linux kernel, secure computing mode (seccomp), can support the sandbox implementation. We can also implement it using Java applets in JVMs or the Common Language Runtime in .NET.
A sandbox would not need many physical resources, only a secured computer that can be kept active all the time to test the malicious applications that try to connect. As the network grows, we can increase the number of sandboxes if needed and improve the filtration process.
The data or sys admin can set up the environment and also choose the premium or standard version of it. Based on that, he can keep track of the data, which includes its status, next refresh date, availability and the data to be entered.
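As an added illustration of the seccomp option (this is not code from the original text), the following Linux C program runs a stand-in "untrusted" action in a child process, once without and once with a seccomp filter. The function names `deny_socket` and `child_blocked`, and the choice of `socket(2)` as the forbidden call, are assumptions made for the example.

```c
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <signal.h>
#include <stddef.h>
#include <stdio.h>
#include <sys/prctl.h>
#include <sys/socket.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

/* Illustrative policy: kill the process on socket(2), allow everything else.
 * A production filter would be an allow-list and would also check
 * seccomp_data.arch before trusting the syscall number. */
static int deny_socket(void) {
    struct sock_filter prog[] = {
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, SYS_socket, 0, 1),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL_PROCESS),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
    };
    struct sock_fprog fprog = { .len = (unsigned short)(sizeof prog / sizeof prog[0]), .filter = prog };
    /* no_new_privs lets an unprivileged process install a filter */
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0) return -1;
    return prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &fprog);
}

/* Runs the "untrusted" action in a child process.
 * Returns 1 if the kernel killed it with SIGSYS, 0 if it ran to completion,
 * -1 on any other outcome (fork failure, filter could not be installed). */
int child_blocked(int sandboxed) {
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        if (sandboxed && deny_socket() != 0) _exit(2);
        int fd = socket(AF_INET, SOCK_STREAM, 0); /* stand-in for suspicious behavior */
        if (fd >= 0) close(fd);
        _exit(0);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0) return -1;
    if (WIFSIGNALED(status) && WTERMSIG(status) == SIGSYS) return 1;
    return (WIFEXITED(status) && WEXITSTATUS(status) == 0) ? 0 : -1;
}

int main(void) {
    printf("unsandboxed child blocked: %d\n", child_blocked(0));
    printf("sandboxed child blocked:   %d\n", child_blocked(1));
    return 0;
}
```

The parent process is never filtered, which is what lets the monitoring side observe and record the kill while the confined program cannot reach the network.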
Justification:
As an mPOS company, it draws the attention of several attackers because it holds heaps of consumer data.
Fraudsters can exploit this and gain access to sensitive information such as credit and debit card data to make illegal purchases. Hence it is important that retailers improve the application's security by implementing a sandbox, which can be integrated with the existing security solutions. Malware attackers could find vulnerabilities in the mPOS applications and may try to steal money from consumers' bank accounts. A sandbox can detect the traces of malware and monitor its behavior. When there is irregular behavior, it runs the program and filters out all such possible attacks.
A sandbox would provide not only security but also scalability. Many consumers will be using the application at the same time. It is the company's responsibility to keep the system up even when there is heavy traffic. A sandbox can scale with the network traffic and can also analyze files by managing the events that occur.