The security basics every ecommerce entrepreneur should have in place in 2020

cyber security lock connect block
Getty Images

As evidenced by the incredibly successful Black Friday, Cyber Monday and Boxing Day sales of last year the ecommerce industry in Australia and globally, is booming. From side-hustlers to major retailers, the number of businesses turning their attention to ecommerce is on the rise and with increased traffic, growing customer expectations as well as predicted industry growth, it’s worth taking the time to consider how well your business is protected.

In the rush to get established online, it can be easy to brush over security measures as a chore; perhaps something to revisit at a later date. However, as an ecommerce business grows, security issues – from the most basic; like authorised site entry, to the more significant; like data protection – can linger, making the company susceptible to exploitation in future years. 

There are several steps that every ecommerce business should consider, to not only protect themselves online, but to ensure the security of their customer information:

Update your security software

It’s a common misconception that the hackers behind the computer screen are sophisticated software engineers. Instead, many are simply utilising tools that they’ve purchased to search for and break through gaps in vulnerable sites. 

It’s a common mistake, but a significant number of ecommerce owners leave themselves open to exploitation from hackers simply due to out-of-date-software. The obvious fix? Hitting the ‘update now’ button as soon as it pops up is one of the easiest and fastest ways for retailers to protect their businesses from security vulnerabilities in the software that supports their websites operations. 

Change up your password

Instead of entering a website from the back, often hackers can simply log in, using stolen email addresses and passwords. The use of these valid credentials is known as “credential stuffing”, whereby information obtained through data breaches is purchased on the dark web and automatically used to gain fraudulent access to various user accounts. 

A recent study from Google highlighted the lax approach that many people take to their password. In fact, the findings suggested that 25 percent of those issued with a password breach warning, chose to ignore it. 

The high success rate of credential stuffing can be attributed to the fact that many of us use the same password across multiple websites and platforms. To protect your business, be sure to change your passwords regularly and use different passwords for every platform. You can even consider implementing Multi Factor Identification (MFA), to further secure your business. 

Encrypt your stored data

Payment security is crucial for every ecommerce business owner. Customers who do business with you, do so with a level of trust. They trust that their payment information will be kept safe. 

In order for an ecommerce business to operate, Payment Card Industry Data Security Standards (PCI DSS) compliance – including the encryption of payment data transmitted or stored online – is required. While SSL certificates help to protect the customer payment and personal information stored in your database, businesses can take their security measures one step further, by opting to encrypt all the data you stored in databases with a hashing algorithm. 

Some hashing algorithms are stronger than others, but essentially it means that hashed data cannot be transformed into the original plain text. Hackers who succeed in entering your site, will simply find useless, encrypted data. 

As this decade draws to a close, we can reflect on how far the ecommerce industry has come in just 10 years. As the retail industry and the number of businesses scrambling to claim a stake in the growing online audience increases, so too do the ways in which ecommerce businesses are open to cyber threats.

Learning about and fixing any gaps or vulnerabilities in site security goes a long way in not only understanding the infrastructure and ecommerce platform, but improving site performance in the long run. Success will come to businesses that take the time to ensure they  are thoroughly protected and that their customer information and payment details are safe from any unauthorised outsiders.


Copyright © 2020 IDG Communications, Inc.

The 10 most powerful cybersecurity companies