10 security questions to ask if you have an online business

Jason Titman
eCommerce security is vital for maintaining your customers' trust and business. It only takes one breach to lose a customer forever, so a widespread or widely publicised breach can seriously harm your business. To ensure you aren't putting your business and your customers at risk, you need to thoroughly and routinely check you have a secure ecommerce platform.

Here are 10 questions to ask yourself when it comes to ecommerce security: 

1. Is the ecommerce platform I am using secure?

A secure ecommerce platform is essential to gaining the trust of customers. To ensure the ecommerce platform you are using is secure, here are some suggestions:

  • Ensure your web store was designed using a sophisticated object-oriented programming language.

  • Ensure you apply automatic, plugin and theme updates to guard against security threats.

  • Change your admin path from the default to make it harder for hackers to find.

2. Am I storing sensitive data?

While customers enjoy the convenience of having their details pre-loaded for each purchase, keeping this data on file long-term is not worth the potential security risk. Ideally, maintain just enough customer data for refunds.

3. Has the security and vulnerability of my ecommerce platform been tested?

To be sure the measures you've taken will work as intended, your ecommerce security needs to be tested. Bring in an independent security-testing agency or ask your ecommerce solution provider, as it's unlikely you or your staff will have the up-to-date knowledge required to deal with such ever-changing threats.

4. Do I require my customers to use strong passwords?

Given the choice, many customers will opt for a simple, memorable password over a safer, complex one. Make sure that your web store prompts them to add letters, numbers and symbols to make a memorable password that is harder for hackers to crack.

5. Have I set up alerts for suspicious activity on my site?

Examples of suspicious activity include different names for card holder and recipient, a customer placing multiple orders with different cards, and area codes on phone numbers that don't match the billing address. Without automated system alerts, this activity can slip by unnoticed, so ensure you have these set up.
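The three signals above can be turned into automated checks. The sketch below is an added example, not code from Neto or any ecommerce platform: the order fields, the area-code table, the one-card threshold and the sample orders are all constructed assumptions.

```python
from collections import defaultdict

# Assumed sample table: phone area code -> billing states it is valid for.
AREA_CODE_STATES = {"02": {"NSW", "ACT"}, "03": {"VIC", "TAS"},
                    "07": {"QLD"}, "08": {"SA", "WA", "NT"}}
MAX_CARDS_PER_CUSTOMER = 1  # assumed threshold for the multiple-cards alert

def normalise(name):
    """Compare names ignoring case and extra whitespace."""
    return " ".join(name.lower().split())

def find_alerts(orders):
    """Return a sorted list of (order_id, reason) pairs for the three signals."""
    alerts = set()
    cards = defaultdict(set)       # customer -> card tokens seen
    order_ids = defaultdict(list)  # customer -> order ids placed
    for o in orders:
        # Signal 1: card holder and recipient names differ.
        if normalise(o["cardholder"]) != normalise(o["recipient"]):
            alerts.add((o["id"], "cardholder_recipient_mismatch"))
        # Signal 3: area code does not fit the billing address. Assumes national
        # format; codes missing from the table (e.g. mobiles) are not flagged.
        states = AREA_CODE_STATES.get(o["phone"][:2])
        if states is not None and o["billing_state"] not in states:
            alerts.add((o["id"], "area_code_billing_mismatch"))
        # Track card tokens (never raw card numbers) per customer for signal 2.
        cards[o["customer"]].add(o["card_token"])
        order_ids[o["customer"]].append(o["id"])
    # Signal 2: one customer placing orders with several different cards.
    for customer, tokens in cards.items():
        if len(tokens) > MAX_CARDS_PER_CUSTOMER:
            alerts.update((oid, "multiple_cards_same_customer")
                          for oid in order_ids[customer])
    return sorted(alerts)

# Constructed sample orders (not real data).
FIELDS = ("id", "customer", "cardholder", "recipient",
          "card_token", "phone", "billing_state")
ROWS = [
    (1001, "a@example.com", "Ann Lee", "ann  lee", "tok-a1", "0255550101", "NSW"),
    (1002, "b@example.com", "Bo Chan", "Sam Roy", "tok-b1", "0355550102", "VIC"),
    (1003, "c@example.com", "Cy Dow", "Cy Dow", "tok-c1", "0755550103", "WA"),
    (1004, "d@example.com", "Di Fox", "Di Fox", "tok-d1", "0455550104", "SA"),
    (1005, "d@example.com", "Di Fox", "Di Fox", "tok-d2", "0455550104", "SA"),
]
SAMPLE_ORDERS = [dict(zip(FIELDS, row)) for row in ROWS]

if __name__ == "__main__":
    for order_id, reason in find_alerts(SAMPLE_ORDERS):
        print(order_id, reason)
```

A gift order legitimately has a different recipient, so alerts like these are best routed to manual review rather than used to block orders outright.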

6. Does my ecommerce platform offer a layered security approach?

While firewalls are a good start, you need additional security measures in place to safeguard your data. Adding extra security layers to search queries, login boxes and contact forms will guard against application-level attacks, so make sure your ecommerce platform allows you these options.


7. Does my ecommerce provider have accurate tracking and product order codes to reduce chargeback fraud?

When customers claim that a product they bought was never delivered, tracking and product order codes will help you find the truth. As fraudsters will repeat successful scams over and over, having these measures in place can potentially save you a lot of money.

8. Do I have a disaster recovery plan? What should I do if there is a security breach?

Because security breaches can damage both your income and image, you need to have a tested disaster recovery plan in place. Automatic system backups are a great way to minimise a disaster's recovery time.

9. What payment systems am I using and how secure are they?

To prove to your customers that your site is secure, ensure your shopping cart has an SSL (Secure Sockets Layer) certificate. An SSL shopping cart encrypts data in transit, and validates information in real time to prevent fraudulent transactions.

10. Do I have a DDoS protection strategy?

A Distributed Denial of Service (DDoS) attack is where many compromised systems coordinate to make your online business inaccessible to users. Consider using cloud-based DDoS protection, as it’s both economical and effective against even complex attacks.

Final thoughts 

Unless you take your ecommerce security seriously, someone else will take advantage. We at Neto provide a comprehensive, secure ecommerce platform for your online business, ensuring that when your security is put to the test, you’ll be ready.


