New reports of a major data breach—this time affecting an estimated 1.2 billion usernames and passwords and 500 million emails—are yet another wake-up call that ecommerce businesses can't take their data security lightly.
You cannot go a day without hearing that someone or some group is hacking a website or stealing credit card and other sensitive data from ecommerce sites.
Over the years, the methods used by ecommerce sites to process and store credit card information have become much more sophisticated. This progress has helped online shopping overcome one of its greatest obstacles, consumer trust. As evidenced by the amount of money spent online each year, people feel much more secure shopping online than they ever have. Unfortunately for businesses, cyber criminals trying to steal customers' information have developed methods that make it easier than ever for them to compromise a web application.
In order to steal credit card information, sophisticated cyber criminals use botnets to launch coordinated attacks against unsuspecting websites, especially sites that are vulnerable to attack.
- They can use your server for mass mailing and get it blacklisted. That may lead to your email marketing program failing miserably.
- They can use your hosting for storage, consuming your server's resources and bandwidth. This may lead to slow sites and a bad user experience.
- They can misuse your server or domain for illegal or offensive activities and for spreading malicious code.
- Interrupts Business Process
- Loss Of Revenue
- Loss Of Brand Value And Customer Trust
- Spoils Other Search Engine Results
To protect (and reassure) your customers, it's imperative to know how to protect your ecommerce site and your sensitive customer data. Ecommerce and security experts at CIO.com share 10 tips on how you can prevent fraud and keep your site safe.
Tip#1 – Use a secure connection for online checkout — and make sure you are PCI compliant
Tip#2 – Don’t store sensitive data
Tip#3 – Employ an address and card verification system — Enable an address verification system (AVS) and require the user to fill in the card verification value (CVV) for secure credit card transactions and to reduce fraudulent charges
Tip#4 – Encourage your customers and employees to use strong passwords
Tip#5 – Set up system alerts for suspicious activity — Set up system alerts for “multiple orders placed by the same person using different credit cards, phone numbers that are from markedly different areas than the billing address and orders where the recipient name is different than the card holder name.”
Tip#6 – Layer your security — Add extra layers of security to the website and applications such as contact forms, login boxes and search queries.
Tip#7 – Use tracking numbers for all orders — To combat chargeback fraud, have tracking numbers for every order you send out
Tip#8 – Monitor your site stats regularly — “Always have a real-time analytics tool” — It’s the real-world equivalent of installing security cameras in your shop.
Tip#9 – Make sure you have a DDoS protection and mitigation service — Ecommerce sites should turn to cloud-based DDoS protection and managed DNS services to provide transactional capacity to handle proactive mitigation
Tip#10 – Keep a Backup Up to Date & Ready – Make sure you or whoever is hosting your site is backing it up — and has a disaster recovery plan.
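The three alert conditions quoted in Tip #5, written as a small review filter over constructed orders. This is an added example, not code from the original article or from CIO.com; the field names, the use of the email address to identify "the same person", the pre-resolved `phone_region`, and the `max_cards` threshold are all assumptions.

```python
from collections import defaultdict

# Constructed sample orders. Field names are assumptions for this example;
# "card_token" is a processor-issued token, never the card number (Tip #2).
ORDERS = [
    {"id": 1001, "email": "ann@example.com", "card_token": "tok_a1",
     "cardholder": "Ann Lee", "recipient": "Ann Lee",
     "phone_region": "TX", "billing_region": "TX"},
    {"id": 1002, "email": "bob@example.com", "card_token": "tok_b1",
     "cardholder": "Bob Ray", "recipient": "Bob Ray",
     "phone_region": "NY", "billing_region": "NY"},
    {"id": 1003, "email": "Bob@example.com", "card_token": "tok_b2",
     "cardholder": "Carla Diaz", "recipient": "Bob Ray",
     "phone_region": "NY", "billing_region": "NY"},
    {"id": 1004, "email": "bob@example.com", "card_token": "tok_b3",
     "cardholder": "Bob Ray", "recipient": "bob  RAY",
     "phone_region": "FL", "billing_region": "NY"},
]

def norm(name):
    """Comparison key that ignores case and repeated whitespace."""
    return " ".join(name.lower().split())

def review_alerts(orders, max_cards=1):
    """Return {order_id: [reasons]} for orders that need manual review."""
    # Pass 1: count distinct cards per customer (email is the assumed identity).
    cards = defaultdict(set)
    for o in orders:
        cards[o["email"].lower()].add(o["card_token"])

    # Pass 2: apply the three Tip #5 conditions to every order.
    alerts = defaultdict(list)
    for o in orders:
        if len(cards[o["email"].lower()]) > max_cards:
            alerts[o["id"]].append("multiple_cards")
        if o["phone_region"] != o["billing_region"]:
            alerts[o["id"]].append("phone_billing_mismatch")
        if norm(o["recipient"]) != norm(o["cardholder"]):
            alerts[o["id"]].append("recipient_not_cardholder")
    return dict(alerts)

if __name__ == "__main__":
    for order_id, reasons in review_alerts(ORDERS).items():
        print(order_id, ", ".join(reasons))
```

Flagged orders are candidates for manual review rather than automatic rejection, since gift orders and customers with several cards trigger the same conditions.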
Sitelock.com & Scuri.net click here to see comparison
BOTTOM LINE: THE QUESTION IS NOT IF YOU WILL BE ATTACKED OR NOT, BUT WHEN AND HOW YOU WILL DEAL WITH IT