Payless Grocers, a family-owned three-store grocer in Wise County, Va., has deployed a single-vendor managed security solution to achieve PCI compliance at point-of-sale systems in the stores as well as at the gas pumps outside one of them.

The grocer is working with Greensboro, N.C.-based Secure Designs, Inc. (SDI) on the project. Payless operates gas pumps at one of its outlets, and runs a customer rewards program both for gas and for grocery sales at all three locations. It was therefore essential to establish reliable, seamless and secure communications between the supermarket POS systems, the gas pumps and the gas wholesaler. Secure communications are especially important for the rewards marketing agency that needs to access the Payless system -- including gas pumps -- to maintain the program.

“Gas price posting is very sensitive and changes all the time,” said Alan Atwood, VP of Payless and son of the company’s founder. “Price adjustments need to be made in a very timely way, so communications need to be seamless, secure and uninterrupted.”

Compliance with the security requirements of PCI regulations is one of the most complex and time-consuming aspects of IT, according to many retailers. By outsourcing this to SDI, however, Atwood leaves it to the experts, which he said gives him peace of mind, and the ability to focus on his stores, his family and his participation in IGA affairs as a board member of the association. “Now that it’s installed and running smoothly, it’s a background operation and I don’t need to pay attention to it on a daily basis,” he said. “Managing security is complex -- it would drive me crazy if I had to do what I pay SDI to do!”

SDI performed the complete installation of the security system, based on SonicWALL firewall solutions. For a fixed monthly fee, it manages, monitors, reports on and trouble-shoots all aspect of the Payless network. SDI coordinates closely with Atwood and the IT consultant (whose role is primarily to interact with the rewards marketing company’s IT department) to ensure that all aspects of the network are operating effectively.