The publicity surrounding such high profile retail hacks is bound to cause nervousness and anxiety among customers engaging with retailers online, making them more cautious about entrusting their personal and financial details to company web sites. The fact is, however, that it’s not just online sites that are vulnerable to hacking. Traditional retailers need to protect their systems and to appreciate the risk to their reputation if orders are lost or transactions fail. Following these four top tips can help online retailers to be prepared.
The phenomenal growth in online retail has reached the point where it has become an integral part of our daily shopping experience. Indeed, for many people, it has become their preferred method of buying products, goods and services.
Unfortunately, online retail’s success has been marred by the shadow of hacks and security breaches. This became glaringly apparent in 2014 with a number of high profile retail breaches including Target, UPS, Home Depot, Kmart and Staples. More recently, Carphone Warehouse revealed that personal information on as many as 2.4m customers may have been accessed in a cyber attack.
1) Compliance is the key
The world of e-commerce is growing at an extraordinary rate and having a profound effect on buying and selling practices in the process. But while there are many advantages and benefits to buying and selling online, they can be swiftly undermined by security failures. It is no understatement to suggest that retailers, online and offline, need to do their utmost to protect customers’ data.
At the very least, they should adhere to existing regulations by ensuring they are PCI compliant. The business requirement of protecting customer data also demands that retailers have a cohesive Disaster Recovery (DR)/ Business Continuity (BC) plan in place to ensure they can continue running in the event of a disaster.
2) Security needs to be affordable
But while circumstances are forcing many retailers to accept the necessity of providing adequate security for their customer data, they need to find a way of doing so without adding an unsustainable layer of expense to their margin intensive business model. Many retailers are likely to agree that a PCI compliant DR solution is desirable, but it also needs to be affordable. To try and achieve their desired outcome, retailers will have to evaluate the options in the market to find the DR provider that best suits their IT infrastructure. The good news is that there are DR solutions available that can address their needs.
3) How to get your strategy right
Backup and DR are becoming vital requirements for all companies, including SMBs, but if retailers don’t put the appropriate strategy in place, they could be setting themselves up for a very dangerous fall and the damage to their reputations could be irreparable. This would be especially unfortunate when technologies such as cloud-based provision of DR as a service are starting to make it simple and affordable for most retailers to have an effective strategy in place.
At a time when businesses can be placed at great risk, just with the simple click of a mouse by a malicious hacker, it would be risky and foolish to ignore a solution that can ensure disaster is avoided. With a number of single click solutions available, the retailer is able to resume its normal, every day activities, quickly and efficiently.
4) Let technology do the rest
Technology has done a great job helping retailers to broaden the ways in which they engage, interact and transact with customers, but it has also made them potentially more vulnerable on a wider number of fronts to data loss. Retailers are under pressure to do more to protect customer data and to ensure their systems are safeguarded from potential downtime, disruption and disaster.
So long as they get the strategy right and choose wisely, technology can do a lot to help retailers achieve those objectives without breaking the bank or disrupting their existing infrastructure.[su_box title=”About David Fisk” style=”noise” box_color=”#336588″]
David is EMEA Sales Director at Quorum. He is an experienced IT Sales Director with a proven track record developing, mentoring and leading successful sales teams to deliver against quotas of between £4m and £60m p.a. He has an ability to manage demanding, lengthy and complex sales cycles, asking the right questions, involving all relevant stakeholders and managing successfully through to contract completion. David builds excellent customer relationships through integrity, credibility and has being able to articulate business value at all management levels through to blue chip companies.[/su_box]
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.