Basic and Advanced Security Settings - Windows XP
Below are some reasonable and recommended preventative measures for our customers using standard (non-encrypting) credit card readers. We cannot guarantee they will stop or remove malware or security breaches but they will greatly reduce your risk. The key point of vulnerability is when cards are swiped. Key loggers can capture non-encrypted card data as it enters your computer. Again, if you have integrated card processing, the best solution is an encrypting card reader. Encrypted card data is worthless to thieves. If you cannot install encrypting readers, please thoroughly review this document.
Note! If you ever have a computer that you believe has been breached, we recommend that you format the drive, reinstall Windows and SuperSalon, and all software including anti-virus software, etc. We will assist you in the process. Note, you may wish to replace the hard drive with a new drive so that you can preserve the original drive for evidence if needed.

Basic Options:
- Initial Scan:
  - Before you get started, we suggest running Malwarebytes to remove any existing malware. Simply download it, install it and run the full scan. The free version is fine for removal; upgrading to the paid version offers real-time protection. http://www.malwarebytes.org/ We highly recommend purchasing the full version and enabling real-time protection and daily scans.
- Remote Access software
  - Remove less secure remote access tools such as VNC
    - VNC is identifiable via port scans and requires only a password.
    - Go to Start -> Settings -> Control Panel -> Add Remove Programs -> VNC -> Uninstall
    - If the option is not there, go to c:\SuperSalon\RealVNC and run the uninstall file.
    - In the past we used version 4.1.2 which is determined to be secure, but we have decided to remove it as a precaution.
  - If you want to use remote access software, we recommend you install "two factor" login software. Two factor remote access is required by PCI. At minimum, please never use VNC remote access software. At least use a more robust system such as LogMeIn.
    - LogMeIn cannot easily be found via port scan and it requires username and password.
    - Follow these instructions to install LogMeIn. Note: If the system has a kiosk (or slave systems), LogMeIn will need to be installed on both the main computer and the kiosk.
- Verify Windows Firewall is On:
  - Go to Start -> Settings -> Control Panel -> Windows Firewall -> ON
  - When Windows Firewall is turned on, without any exceptions.
- Use Microsoft Windows 7, and ensure it is up to date with the latest security patches. If you are using Windows XP, verify Windows Service Pack 3 is installed:
  - From Desktop -> Click My Computer -> Click View System information. Under System, it should say "Service Pack 3"
  - If not, you will see a link to update your system when you set updates to automatic in the next step.
- Set Windows updates to automatic
  - Go to Start -> Settings -> Automatic Updates -> On (Select a time from 1:00 AM to 5:00 AM)
  - Click the link "Go to Windows update website". Run the Express update option. Install all updates.
  - Decline the reboot and finish the remaining steps. Reboot at the end (otherwise you sometimes can't get back in).
- Install MS Anti-Virus. It is free from Microsoft (if no other current AV software is installed and updating).
  - To install:
    - Go to Settings -> Scheduled Scan. Check all three boxes. Set Type to Full Scan. Set time from 1:00 AM to 5:00 AM
    - Go to Settings -> Real-Time Protection. Check all three boxes.
    - Go to Settings -> Advanced. Check all four boxes.
    - On main screen, set scan to full.
- Update SuperSalon to Ver: 5.5.X - Newer versions are more secure.
  - Email technical support: support@rogerspos.com
  - Call technical support: 888-458-1001
- Set your SuperSalon computer to run as a User, not an Administrator (much safer as trojans cannot easily install)
  - If PC Charge is not installed on your system, you can simply create a User called Super-Salon, and run Windows as this user.
    - Go to Start -> Settings -> Control Panel -> User Accounts -> Create new account. Enter Super-Salon as user name, and select Limited.
    - To keep staff from running the system as an Administrator: Go to Start -> Settings -> Control Panel -> User Accounts -> Change Account. Select Administrator, then select Change my password. Add a password here.
  - If PC Charge is installed for credit card processing OR gift card processing, you should run as a power user. This is a more complicated setup. It allows PC Charge to function (and it allows programs to install) but viruses cannot change Windows operating system files. Click here for a complete description and instructions
- Update or replace PC Charge if version is below 5.9
  Note: We strongly recommend removing PC Charge altogether so you are not storing card data on your system. We recommend moving to encrypted readers and web-based services such as Securenet: Click here to review the offer
  - Back up the TID file in the current version of PC Charge: PC Charge -> Utilities -> Backup. Make a backup folder on the desktop and save it.
  - Run 5.8 installer
  - NOTE! If you change from PC Charge to Securenet or IP Charge, you will want to remove PC Charge from the system so there is no old card data stored on your POS system.
    - Before un-installing PC Charge, please settle any remaining batches
    - Delete the Active-Charge folder and empty the Windows trash.
- Close router ports
  - Click here for detailed instructions or visit www.portforward.com if you know the make and model of your router.
  - Again, please ensure the router password is changed from factory defaults! Use a secure and unique password.
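
A read-only way to re-check several of the basic items above from a Windows XP command prompt, as an added example that is not part of the original page or Rogers Software's own instructions. It assumes RealVNC 4 registers a service named WinVNC4 and listens on its default TCP port 5900; the registry values are the standard Windows XP SP2 and later locations for the firewall and Automatic Updates settings.

```bat
@echo off
rem Added example: read-only audit of the basic checklist on Windows XP SP2 or later.
rem Assumptions (not from the page): RealVNC 4 uses the service name WinVNC4
rem and its default listening port, TCP 5900.
setlocal
set FAIL=0

rem Service pack level is recorded in CSDVersion.
reg query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion" /v CSDVersion 2>nul | find "Service Pack 3" >nul
if errorlevel 1 (echo [FAIL] Service Pack 3 not reported& set FAIL=1) else (echo [ OK ] Service Pack 3 installed)

rem Windows Firewall, standard profile: EnableFirewall = 0x1 means On.
reg query "HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile" /v EnableFirewall 2>nul | find "0x1" >nul
if errorlevel 1 (echo [FAIL] Windows Firewall is off& set FAIL=1) else (echo [ OK ] Windows Firewall is on)

rem Automatic Updates: AUOptions = 0x4 means download and install on a schedule.
reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v AUOptions 2>nul | find "0x4" >nul
if errorlevel 1 (echo [FAIL] Automatic Updates not set to automatic& set FAIL=1) else (echo [ OK ] Automatic Updates set to automatic)

rem VNC leftovers: the install folder named on this page, the service, the listening port.
if exist "c:\SuperSalon\RealVNC" (echo [FAIL] c:\SuperSalon\RealVNC still exists& set FAIL=1) else (echo [ OK ] RealVNC folder not present)
sc query WinVNC4 >nul 2>&1
if errorlevel 1 (echo [ OK ] WinVNC4 service not installed) else (echo [FAIL] WinVNC4 service is installed& set FAIL=1)
netstat -an | find ":5900 " | find "LISTENING" >nul
if errorlevel 1 (echo [ OK ] Nothing listening on TCP 5900) else (echo [FAIL] Something is listening on TCP 5900& set FAIL=1)

rem Limited account: the logged-on user should not appear in the local
rem Administrators group. This is a substring match on the user name.
net localgroup Administrators | find /i "%USERNAME%" >nul
if errorlevel 1 (echo [ OK ] %USERNAME% is not a local administrator) else (echo [FAIL] %USERNAME% is a local administrator& set FAIL=1)

echo.
if %FAIL%==0 (echo All checks passed.) else (echo One or more checks failed. Review the matching step above.)
endlocal
```

Run it while logged in as the account the salon normally uses, since the last check looks at the current user.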
Note: If you ever find or suspect that your computer has malware such as a trojan or keylogger, we must recommend that you have a professional reformat your hard drive, reinstall Windows, reinstall SuperSalon and install your choice of antivirus software.

Rogers Software
- Disclaimer: http://www.supersalon.com/disclaimer.php
- Terms of use: http://www.supersalon.com/terms.php
- End User License Agreement: http://www.supersalon.com/terms.php

