Is Your E-commerce Site Secure from Hackers?
As 230,000 computers across 150 countries were hit in just one day by the catastrophic WannaCry attack, we saw just how important it was to ensure your systems can’t be exploited by out-of-date security versions and missing patches.
Despite this, many SMEs running e-commerce websites don’t appear to be taking these risks seriously. In a recent security survey of 60,000 websites on popular e-commerce platform Magento, 78% of websites surveyed were found to be missing vital security patches and updates that left them vulnerable to attack.
Loss of Consumer Confidence
Perhaps even more worryingly, 5% of websites surveyed were found to have been corrupted by data-harvesting malware that was already stealing their customers’ details.
Considering the huge penalties now at stake in the event of a security breach, such a level of vulnerability is worrying. Companies can face fines of up to hundreds of Euros in card company penalties alone, not to mention ICO fines and compensation.
Even if an SME isn’t bankrupted by penalties, the ensuing loss of consumer confidence can often be fatal.
Top Tips for Securing Your Website
If you run an e-commerce site and want to make sure your business is safe from hackers, here are some of our top tips for keeping your data secure.
- Run regular security audits – One of the biggest hurdles to ensuring data security is understanding how your data flow works and identifying any areas where a breach might be a risk. Regular security audits will highlight any vulnerabilities and help your business stay safe.
- Ensure your security software is up-to-date – This means not only making sure you’re using the latest version of your software but that you keep on top of any new patches that need updating.
- Don’t store sensitive data – The less customer data you have stored, the less risk there is of that data being stolen. Make sure you aren’t storing information unnecessarily or for longer than you need to as this will increase your vulnerability.
- Require strong passwords – Making sure your customer logins are as complex as possible will make front-end hacking more difficult. Try asking customers to use passwords with a required number of characters or numbers to make hackers’ lives harder.
- De-scope to a third party – The easiest way to ensure your e-commerce site is secure is to make sure you’re fully PCI DSS compliant and the easiest way to do this is to de-scope your services to a third party supplier like PCI Pal, whose solutions are already fully compliant. PCI Pal is also a Magento partner, making us the perfect supplier to ensure your site is secure.