I’m guessing I am not alone in this last-minute holiday buying rush, including looking for gifts online (and praying they arrive in time). I’m also probably not alone in wanting to be able to shop safely and not get the always dreaded letter telling me that my credit card or some other information was compromised online.https://o1.qnsr.com/log/p.gif?;n=203;c=204663295;s=11915;x=7936;f=201904081034270;u=j;z=TIMESTAMP;a=20410779;e=iProtecting consumer information and privacy during the holidays has to be a top priority for any ecommerce site. As Ron Arden, VP with Fasoo, told me in an email comment:
It’s no secret that this is the busiest shopping time of the year. As the volume of shopping-related transactions increases, so does the opportunity for hackers to perpetrate malicious attacks that can rob both retailers and shoppers.
But what about after the holidays? Consumers will still be shopping and conducting business online in January and beyond. Protecting the site and data from hackers has to be ongoing. The holidays are a good time to get started, but once the holidays are over, ecommerce sites can take advantage of the steps they put into place and continue to improve and modify as the year goes on (and then they’ll be all set when next holiday season comes along, right?).
Arden provided me with four precautions that shoppers should be concerned about when making online purchases this holiday season. I’ve taken the liberty to modify them a little bit for the ecommerce point of view. They are:
- Conduct research: Arden suggested that consumers should check reviews about ecommerce sites to evaluate the “naughty” and the “nice.” My question is this: Consider how you want your customers to review you. Do you want to have a black mark of a data breach on your record permanently? (Ask Target about that problem.)
- When in doubt, throw it out: Arden warns consumers not to fall for spam or phishing emails about your site. It’s tough to tell a real email from a phishing email anymore, so how do you want to get the word to your potential shoppers about sales without them worrying about it being fake?
- Personal information is like money, so value it and protect it: Consumers can only do so much to protect their personal information once they give it to you. What are you doing on the back end to keep that data safe? Are you encrypting passwords? How secure is your cloud storage? Is your software and operating system up to date?
- Use safe payment options: Here again, the customer is depending on you. Are you PCI compliant? Is your mobile app secured with HTTPS?
As Garry McCracken, VP of Technology with WinMagic, said to me in an email comment, more people are shopping online than ever before, and more folks are accessing in-store shopping apps. What does this mean for retailers and individuals? He added:
In the same way that the advent of IoT technology is expanding the attack surface, the chances of malicious activity are greatly increased during the holidays simply because there is more activity. With so many more purchases going on during the holidays, it’s easy to lose track of things such as credit card transactions, and that can cost shoppers. The key is to be aware, check your statements, and make sure that your accounts stay accurate.
Sue Marquette Poremba has been writing about network security since 2008. In addition to her coverage of security issues for IT Business Edge, her security articles have been published at various sites such as Forbes, Midsize Insider and Tom's Guide. You can reach Sue via Twitter: @sueporemba