8 tips for website and e-commerce security

Cybercrime has reached epidemic proportions. The global cost of cybercrime exceeded $450 billion in 2016, and the annual cost of data leaks worldwide is expected to reach $2.1 billion by 2019. Companies targeted by cybercriminals have a lot to lose : According to the Cisco 2017 Annual Cybersecurity Report, of organizations that experience attacks, 29% lose revenue and 38% lose more than 20% of their total revenue. 

 2016 retail sales only grew by 2.2% from the previous year, while ecommerce sales have been growing by a yearly average of 15%

But businesses aren't the only victims of cybercrime, and your brand could lose more than just money. When buyers agree to purchase from you, they trust that your website is secure and that you will protect their valuable and potentially sensitive information. Unfortunately, if your business is targeted, there's a good chance it's your customers who will suffer the most. 

E-commerce security


Cybercriminals have your customers in their sights

Recently, a breach at one of the three largest credit bureaus in the United States may have affected as many as  143 million customers . And although this particular episode is worthy of being written down in the annals, it is certainly not an isolated event. All businesses (large and small, B2B and B2C) are under attack, and the most common target is sensitive customer and user information.

Your customers' personal information has value. For criminals, a stolen credit card number has an obvious use. But beyond that, relatively innocuous information found on the web, such as names, phone numbers, emails, Social Security numbers, and so on, has interested buyers waiting to get their virtual hands on it, causing potentially endless problems for customers whose data have been compromised. Ensuring top-notch website security should therefore be one of your business priorities.

Customers who lose personal information to cyber thieves could see it for sale to spammers and scammers, and be hounded by email or phone for years. They could suffer from the financial ramifications of credit fraud, which would damage their credentials and cause thousands of dollars of debt. Some victims may even find themselves guilty of crimes committed under their names. To top it off, victims of data theft will likely have to spend hours, days, weeks or even longer trying to track down and resolve the mess associated with the loss of their personal data.

For companies that have built their business on customer trust, failing to ensure website security is simply unacceptable.

Adopt these eight strategies and ensure the security of your customer data

Sharing information is a necessary part of business in the modern age. Many buyers accept this and are willing to believe in your company by entrusting it with their sensitive data, as long as it is capable of protecting it! If you set up your site security correctly, you will maintain customer trust and avoid catastrophic consequences.

Here are eight tips for building an effective customer data security strategy.

Comply with regulatory standards.

When money changes hands, the stakes are really high, which is why customers want to know that you're doing everything in your power to protect their data. By adhering to industry and regulatory standards for e-commerce security, your brand is not only demonstrating to customers that you care about their security, but also promoting responsible business practices within your organization.

Leverage the most trusted security resources.

From the moment your customer swipes their credit card or clicks "submit" on an online form, the security of their data is your responsibility. Investing in the right ecommerce security resources is essential to keeping that data safe. Point-to-point solutions encrypt credit card data from the first moment the card is swiped throughout the payment process. Likewise, as the focus continues to shift from in-store to online security, antivirus and firewalls are just the beginning: intrusion detection systems, vulnerability monitoring,

Use only PCI-compliant payment devices.

Machines that process credit card transactions in-store should always adhere to PCI compliance standards. PCI compliance standards are a set of rules and best practices designed to ensure that companies handle customer credit information securely. PCI security is a standard for all businesses and industries of all sizes, and organizations that neglect PCI compliance could face fines or penalties, as well as putting the security of customer data at risk. Make sure you comply with PCI security standards to avoid potentially catastrophic consequences.

Train employees effectively.

Your employees can be your most reliable firewall against data theft, but only if they are trained properly. Ultimately, data security isn't just an IT department's responsibility: it's a responsibility for everyone who works for your company. Coordinate departments and provide ongoing security training so everyone understands the essential role they play in protecting customer data.

Use security best practices.

Going hand in hand with employee security training, best practices provide your organization with a standard set of rules that can be followed to help reduce data risks. Placing restrictions on BYOD and employee data access reduces the number of potential security weaknesses. Locking office computers when not in use reduces some of the dangers of theft or loss of devices. Implement data protection policies throughout your company so employees can learn the most effective ways to keep data safe.

Inform customers.

Employees and systems aren't the only target of data thieves. Customers themselves may be missing out on sensitive personal information while interacting with your business. Update your customers and help them understand the risks they face by providing unprotected data. Sensitive data shared over insecure digital channels (such as most email servers) could be intercepted and exploited. Raise awareness among the customer base to share personal information only on secure and encrypted systems and to avoid sites that have suboptimal or non-existent web security.

Delete customer history regularly.

When it comes to customer data, many organizations have the knee-jerk reaction of wanting to hold on to as much information as possible for as long as possible. But while some data offers analytical benefits, information such as credit card numbers, CVV2 codes and Social Security numbers have no demographic relevance. Keeping this information on file longer than is strictly necessary to facilitate a transaction exposes customers to significant risk in the event of a data leak. Regularly delete this type of data from your systems.

Keep up to date on updates.

The security of your website is of primary importance. It may seem obvious, but keeping company software up to date is one of the most effective preventative actions a company can take to protect customer data, even if it is very often overlooked. In addition to allowing the security software to be able to neutralize the latest and most innovative attacks, the updates also take care of fixing already known problems in company systems and across all departments. Unfortunately, research suggests that more than  50% of enterprise computers  have outdated versions of major operating systems.

73% of shoppers use multiple channels during their shopping journeys.

Protect your customer data: frequently asked questions

With every interaction, every communication and every exchange of money, your customers generate data, which if it ends up in the wrong hands, can create endless problems.

Customers are the lifeblood of your brand. In trusting you with their information, customers trust you and expect you to keep it safe. Live up to the trust given to you. Protect her. And when cybercriminals target the people who keep your business alive, put tools and strategies in place to block every attack. To learn more about how you can protect customer data, check out  Salesforce Commerce Cloud  and give your customers the data security they deserve.

 

Comments

Post a Comment

Popular posts from this blog

Cybersecurity tips for small businesses

Image
 Do you know the basics to protect your small business from cybercrime ? Read to learn the steps you can take to keep your small business safe in the cyber environment. When it comes to running a small business, cybersecurity solutions are not always the most fun topics to discuss and are often overlooked or forgotten. But in reality, you're only as safe as the weakest link, so making sure you adopt good protection practices to safeguard your business from data breaches, hacks and scams is paramount to maintaining a trouble-free business. Let's use an analogy to review some cybersecurity concepts for small businesses. Think about a traditional business with a physical location. What are the access points to enter the building? You are probably thinking about doors and windows. And you've probably already implemented measures to protect access. You have locks on the doors. You may have an alarm installed and possibly security cameras, motion detectors and lights. The custome...
Read more

7 cybersecurity tips to protect your company

Image
Computer viruses such as  WannaCry , which in 2017 affected companies in more than 100 countries around the world,  have managed to infect the computers and internal networks of SMEs and multinationals. The need for companies to protect themselves against the millions of  malware that are launched annually in the world is increasing. The digitalization of companies, their purchasing and selling services and other internal processes, favors the growth of these attacks. And not only are they increasing in number, they are also becoming more sophisticated. Any protection is insufficient after verifying the capacity of these attacks to completely paralyze the activity of a company, attack its assets or blackmail its leaders and employees. In this article we compile some  aspects that you should take into account when protecting your business  against this type of threats. 7 tips on cybersecurity Update the software : Although it seems like an obvious measure, thes...
Read more

How to defend yourself from a hacker attack

Image
What should you do when you suffer a hacker attack? A guide to the weapons of computer pirates and the possible countermeasures to be implemented. How to defend yourself from a hacker attack We tend to think that hacker attacks are something out of a movie, that at most they concern large companies, or unaware individuals without a certain knowledge of the internet. However, attacking individual users has fallen into disuse, and while it may seem more tempting to attack a large business, it is actually very profitable and popular to attack a small business. The favorite victims of computer hackers are hospitals , schools , financial institutions , but above all SMEs , which often do not have adequate defenses. Types of cyber attacks Hacker attacks are carried out mainly for two objectives: extortion of money , or theft of information . To achieve their goal they use various techniques/tools including: Malicious software , such as malware , of which the most popular is ransomware , whic...
Read more