Data protection: Securing your e-business
SC Magazine UK, August 5, 2008
Internet-based businesses are only as successful as their customers allow them to be, so online security is critical to keeping those customers happy and coming back for more. However, as technology continues to evolve and hackers become smarter, security experts are forced to stay on their toes.
“I’d say that somewhere between a third and half of e-commerce sites we test have some kind of vulnerability,” said Ken Munro, managing director of penetration testing company SecureTest. “But at least it’s us finding them and not someone with malicious motives.”
So how can e-retailers manage their business and discourage theft? The author of this article offers 10 tips for securing e-business.
- 1. “Work towards PCI compliance …quickly”: Make sure your business is compliant with the Payment Card Industry Data Security Standard (PCI DSS).
- 2. “Or use a payment card scheme”: Consider teaming up with PayPal or Google Checkout so that your customers don’t have to worry about their credit card information leaking into cyberspace.
- 3. “Don’t skip on penetration testing”: Regularly monitor your web applications and check for repeat failed login attempts or modifications.
- 4. “Consider managed security service providers for 24/7 monitoring”: Consider hiring a security specialist to work around the clock and monitor inappropriate activity.
- 5. “Or deploy the best technology to do it in-house”: Invest in security software that you can manage internally.
- 6. “Arm your team with forensics skills”: Rely on some of your top employees who can successfully manage forensic duties.
- 7. “Stay vigilant to the threat of phishing”: Be on the lookout for phishing vulnerabilities.
- 8. “Provide a point of contact”: Develop a communication plan for situations involving security breaches.
- 9. “Learn from your peers”: Listen to what industry experts are dealing with and learn from their actions.
- 10. “Regularly revisit your incident response plans”: Always stay alert and keep your response plans up-to-date with the latest trends and analysis.