NRF releases new resources to help retailers safeguard data

RetailME Bureau

The Association for Retail Technology Standards (ARTS) has announced several new resources to help retailers safeguard their data. ARTS is part of the National Retail Federation’s (NRF) Technology Leadership Community dedicated to helping retailers and solution providers identify, adopt and integrate current and emerging information technology standards.

“Protecting customer relationships and important enterprise data is a top priority for retailers,” observes Tom Litchford, NRF vice president of retail technology. “Data security is everyone’s job and these resources will hopefully enhance collaboration between software developers and security professionals with the goal to improve it.”

The three newly designed security programmes by ARTS exclusively for retailers include:
ARTS Cybersecurity Primer is intended for non-security experts such as data enterprise architects and those who develop and implement various IT systems, networks or applications within an organisation. This paper provides a high-level outline and guidance on what developers and architects should be wary of in areas of relevant risks as well as topic areas for further research related to common best practices and management strategies.
ARTS Data Privacy Primer provides a base for architects and product managers to recognise what data is classified as sensitive and what the risk is. It also gives input to help organisations develop privacy policies. In addition, the primer offers recommendations to CIOs and architects for enabling a privacy-by-design approach to development and testing as well as an understanding of the privacy implications of development, testing and operation activities.
ARTS Data Classification Template provides a basis for retailers to begin developing their own data classification models without having to start from the scratch. Using the ARTS retail data model, the template highlights data that retailers might want to give additional attention to in the areas of PCI DSS requirements, privacy and potentially sensitive corporate data.
“Retailers today face major challenges in securing personal data of their customers and their employees,” says IBM Worldwide research lead and work team chair Sima Nadler. “IBM was pleased to be able to contribute to a resource that will increase understanding of issues around privacy and data security in retail IT development.”