The holidays are right around the corner and business retailers are looking forward to the opportunity to offset prior losses with big holiday sales. In traditional brick-and-mortar stores, the holidays also usually see an increase in thefts and shoplifting as people try to take advantage of the crowds.
The same is true of eCommerce websites as the holidays can be a magnet for hackers looking to take advantage of the additional traffic to cover up their actions. It’s a fact that online stores as diverse as Target and Neiman Marcus have been hacked in recent years.
Let’s look at what you can do to secure your website so you don’t become another statistic.
One of the biggest tools in the hacker’s arsenal is malware. This is a virus that is inserted into your website, often infecting the site and then spreading to other computers that log in to your site. If your website gets the reputation of being infected with malware, it can be the kiss of death.
To prevent this, you should invest in a malware scanner that you use regularly to ensure that your site is malware free. These scanners should be capable of checking every day to see that your site is clear. But you will also need to get automatic alerts if there is a problem or if your website has been blacklisted because of an infection. For WordPress websites, a plugin like WordFence will provide these features.
Additionally, conduct regular backups in case something does go wrong so that you can reset your website to an earlier, uninfected version of the site.
SSL Certificates and Trusted Site Seals
Another security option for your website is getting your hosting provider to give you an SSL (Secure Socket Layer) certificate and a trusted site seal. An SSL certificate ensures that data transferred from your customers to you, such as credit card numbers and addresses, is properly encrypted so that it cannot be stolen by hackers. This is essential if you want to do business in today’s economy.
Google is also putting up alerts on their Chrome web browser letting people know that websites are not safe if they don’t have an SSL certificate. Your website could be branded with a “Not Secure” warning screen and the suggestion that the users do not enter. Google is also ranking websites without SSL certificates very low on their search engine; customers looking for you online may not even find you.
One of the most preached about methods of thwarting hackers is not to use simple passwords that can be easily (or randomly) guessed. The same is true for your business passwords, but also for the passwords you have customers create when they make a profile with your company’s website. It is best to require customers to create passwords that are a minimum of 8-characters with a mix of letters (both capital and lowercase), numbers, and special characters.
It is also not a good idea to collect tons of data from your customers. Stockpiling credit card numbers is not PCI compliant and can get you in major trouble if your site is hacked and the data is breached. Instead, don’t store this information and you protect yourself from hackers.
This holiday, chances are good that your website will be tested by hackers who are looking to make money off of your hard work. To prevent this, it is important to make sure that your website is fully compliant and secure for the holidays. That extra step to make sure it is safe can provide you with years of loyal customers and clients.