Own a Cannabis Business? You Need Cybersecurity

Own a Cannabis Business? You Need Cybersecurity

You wouldn’t necessary think this, but a cannabis business holds a treasure trove of information bad actors are anxious to steal. Because the industry is in its infancy, hackers are very attracted to it, hoping cybersecurity isn’t even on your radar. If they get in, they will sell your data on the dark web, encrypt it for ransomware, or even worse, provide it to your competitor down the street.

Consider this: At a minimum, your business holds a customer’s personal, and perhaps, their medical information. This includes their date of birth, driver’s license number, SSN, credit card number and medical information.

Add to the fact you are bound by at least two regulations, HIPPA if you are a medical marijuana establishment and PCI-DSS if your business accepts credit cards.

This blog will focus on ways to protect that data and keep your business going and growing!

Five Proactive Measures to Protect Your Business

  1. Use an airtight Point of Sale (POS) system.
    Make sure your POS network offers end-to-end encryption for credit card transactions. In addition, call your provider and review how your customer’s data is protected, where it is stored and how you will be alerted if critical updates are needed on the system. If there isn’t a systematic process to their offering, switch POS providers as soon as you can.
  2. Establish a system integration plan.
    Your business may have several apps such as QuickBooks and BigCommerce that you want to sync on a real-time basis with your POS system. While this makes great business sense, you may be leaving gaps for cybercrimes to happen. This is where a good cybersecurity audit comes in to measure your vulnerabilities and fix them before they become problematic.
  3. Keep employees out of data silos they don’t need to do their jobs.
    Establishing who can access your data and at what level is vital to making sure one of your own doesn’t accidently open the gate to a hacker.
  4. Make sure your operating systems, applications and anti-virus software is up to date.
    This is the number one method cybercriminals get into your system.
  5. Outsource cybersecurity.
    Look for a firm that has the following capabilities:

    1. Security Operations Center that can continuously monitor your network
    2. Security Information and Event Management analytical tool that provides real-time analysis of security alerts generated by applications and network hardware
    3. User and Entity Behavior Analytics models to identifies typical and atypical behavior of humans and machines within a network.

About Axiom Cyber Solutions

We can provide your cannabis business with a holistic solution that is nearly impenetrable, using all the tools and techniques listed above. We will monitor your organization around the clock and make hundreds system updates per day to keep hackers out. Contact us today for more information!

HARDCAR Distribution Partners with Axiom Cyber Solutions to Help Cannabis Businesses Protect Their Customer and Business Data

HARDCAR Distribution Partners with Axiom Cyber Solutions to Help Cannabis Businesses Protect Their Customer and Business Data

As the cannabis industry continues to grow, so does the amount of business intelligence and personal information available to hackers and other entities, making cybersecurity more critical now than ever before.

June 26, 2018 – (Palm Springs, CA) – HARDCAR Distribution is excited to announce a newly minted partnership with Axiom Cyber Solutions to protect businesses in the cannabis industry from cyber attacks and the theft of valuable data. New businesses are coming online every day as the cannabis market explodes throughout the United States and Canada, making them prime targets for hackers.

Although HARDCAR Distribution brings years of security experience to the cannabis industry ensuring the safe and secure transport of cash and product, they understand the importance of protecting their clients on every level. With Axiom’s team of infrastructure specialists, developers, database and business intelligence experts, and project managers, growing cannabis businesses now have a full-service solution with the addition of cutting edge cyber security technology.

“There are few industries bringing the kind of attention like the cannabis industry, so partnering with Axiom was a no-brainer. Not only do they provide an incredible service, but they do it at a relatively inexpensive price that startup businesses can afford. The future for cannabis is massive and we need to make sure everyone is protected!” – Todd Kleperis, HARDCAR Distribution CEO

Axiom Cyber Solutions offers solutions that keep valuable information safe and secure, monitoring 24 hours a day to ensure the highest levels of protection against hackers and other entities. As medical and recreational cannabis become legal across North America, cannabis businesses are at greater risk of having their patient information, intellectual property, distribution and route information, vehicle information, and other valuable data, stolen.

“An important aspect of the cannabis industry is the reputation of your business and there’s no worse way to compromise it than having to tell your customer’s that you’ve lost their data in a breach. Besides your customer data, you have proprietary information on your blends, grow operations, and business practices that competition would love to have. And lastly, the industry is investing heavily in smart, internet-connected technologies to aid and improve grow operations and these systems need to be protected. Could you imagine having an entire crop destroyed because someone hacked in a changed the environmental settings of your internet-connected HVAC systems?” – Troy Wilkinson, CEO of Axiom Cyber Solutions

Although data management and cyber security are often the last item on an organization’s lengthy to-do list, the need for a secure platform is more critical now than ever before. As the cannabis industry continues to grow, small operations are expanding into large scale ones and companies are scrambling to find solutions to their network and IT security. Axiom offers a variety of solutions to keep businesses secure:

  • Managed Enterprise Cybersecurity
  • Continuous Risk and Compliance Monitoring
  • Vulnerability and Penetration Testing
  • Smart Home Cybersecurity

The cannabis industry offers a massive amount of valuable information, including Personal Identifiable Information (e.g. SSNs, Birth Dates, Addresses, etc.), Protected Health Information (e.g. patient name, address, certification/license numbers, medical record numbers, health related information, account numbers, SSNs, etc.), and Business Intelligence (e.g. research and development, inventory, product intelligence, software applications, payouts, manifests, equipment, sales, etc.). Unfortunately most business systems are being monitored by untrained staff, or not being monitored at all, putting companies at a huge risk.

With this risk being so high, HARDCAR and Axiom are dedicated to protecting their clients on every level, including threats against cyber attacks and data theft. For more information, please contact Axiom Cyber Solutions at info@axiomcyber.com or call at (800) 519-5070.

Media Contact
Jon Pierce
jpierce@hardcar.com

About HARDCAR Distribution

HARDCAR is an award-winning and long-time contributor to the cannabis space, with a proven track record of cultivating and solidifying meaningful relationships throughout the industry. From packaging, to distribution, secured storage, and transport, HARDCAR Distribution has all aspects of cannabis retail covered. Through collaboration with our diversified team of highly qualified and talented professionals, we help cannabis businesses stand out in the industry by providing the highest quality industry services that keep our partners’ products safe, while maintaining excellence and compliance throughout our work.

For more information, please visit hardcar.com

About Axiom Cyber Solutions  

Axiom Cyber Solutions strives to be the leading cyber-security technology partner by providing world-class solutions that are intelligent, adaptive, innovative, and automated. Through our technology solutions, we enable our clients to be disruptive in their markets while remaining focused on what they do best. We believe in the saying “if you find a job you love, you never work another day in your life”. We seek to cultivate a culture that attracts energetic, motivated, and creative individuals that share our passion for technology.

Is Your Cannabis Business Safe from Hackers?

If you’re in the cannabis industry, you would have heard about the cyber-attack earlier this year that brought down MJ Freeway, one of the largest cannabis compliance software systems in the industry.

This should have been a wake-up call for everyone that hackers are targeting the industry for a variety of reasons: profit, notoriety, or political statement.

Despite the seriousness of the MJ Freeway cyber-attack, today we’re still finding many businesses in cannabis are not taking cyber-security seriously, leaving themselves wide open to an attack that could bring their operations to a grinding halt.

If you’re not taking steps to ensure your cyber- and data-security is airtight, here are some real consequences your cannabis dispensary could be facing with a cyber-attack:

Patient and Customer Data

When you accept medical patients and clients, do you store their personal information on your servers or in the mythical, magical cloud?

If you do, then your data is at risk if you do not take steps to ensure your cyber-security and data security strategy is strong and impenetrable by hackers.

These talented hackers can target your systems to steal your customer information, and use it against you by holding it for ransom like they did for HBO or sell it on the Dark Web, or worse, delete it so you cannot recover the information.

There is no worse way to compromise your cannabis business’s integrity than having to tell your customers you’ve lost their data.

The recent Equifax hack demonstrated the value of personal information on the Dark Web. Hackers can relatively easily steal your data to sell to other unscrupulous individuals who will use the information for identity theft.

If you collect data that is regulated under the Health Insurance Portability and Accountability Act (HIPAA) and have a cyber-security breach, you’ll face serious finds from Health & Human Services.

Ransomware is the hot new cyber-crime trend that netted cyber-criminals hundreds of millions in ill-gained profits by encrypting business’ data and holding it for ransom, which puts businesses between a rock and a hard place: Do you pay the cyber-criminals to get your data back or do you start over from scratch?

Point of Sale (POS)

While credit card theft is not a large area of concern for many, there are still vulnerabilities within point-of-sale (POS) that need to be addressed.

POS systems are connected to the internet via servers and need to be protected and separated from the rest of the network to ensure that if a hacker gets into your back-office, they can’t move into your POS network.

There are plenty of examples of the theft of credit card data from POS systems infected by malware (Sonic, Whole Foods) but there also are verified cases where hackers have been able to change product prices for purchases after compromising a POS system. For example, instead of selling a product for $100, a hacker could change the price to $1 before checking out, costing you big money and allowing a hacker to take advantage of you big time.

Grow Operations

Grow Operations are increasingly sophisticated and use complicated internet-connected devices and HVAC systems.  Not taking the time to adequately secure you networks to ensure a hacker can gain access could allow them to gain access to your HVAC and change your room temperature and destroy your crop.

The sad and scary news is, your competitor may be the brains behind hacking your unsecured connections and data. Some companies are hiring hackers to destroy your business through a cyber attack and put you out of business.

The Target data breach was orchestrated when hackers jumped from the building’s unprotected HVAC systems into the company’s network and then into the point-of-sale system. This shows that not only are the HVAC systems vulnerable, but the HVAC system could be a your point of vulnerability that will allow a cyber-criminal access into your entire computer network.

Keep Asking Yourself This Question

Keep asking yourself this question for your cannabis retail operation: “What harm could a hacker do?”.

The answer is a lot and if any of these thoughts keep you up at night, contact Axiom Cyber Solutions or our partner, Hardcar Security, to discuss how you can achieve peace of mind and proper cyber-security protection for your cannabis business.