Whether you are a large-scale online business or a mom and pop storefront, all merchants can and must have a strong security strategy. With Retail now the number one most targeted industry, accounting for 48 percent of all data breach incidents in 2012 alone, it is crucial for organizations of any size to protect themselves and their customers by eliminating potential security threats.
Oftentimes, it is the small to medium sized businesses that miss the security mark because of lack of resources or knowledge, but many larger online merchants exhibit a much more diverse set of issues when it comes to securing their websites. Below we discuss three ways adding additional protection can help enterprises stay one step ahead of cyber criminals.
Trustmarks
Consumers are more wary of shopping online and that’s a fact. While larger, more established sites may have an easier time bringing in new customers despite these fears, utilizing the power of trustmarks or security seals can have an impact on enterprise sales. First impressions are instrumental in determining sentiment for many situations and eCommerce is no different—aside from assets like product photos, the presence of a trustmark can influence a consumer’s decision to shop or not.
Success is not always proportional to size and larger merchants shouldn’t only rely on their reputation to drive revenue. According to a Harris Research survey, 60 percent of users were apprehensive about sharing personal details online with sites they had never shopped at before—large or small. By boosting customers’ confidence, security seals ultimately lead to an increase in traffic and sales – and a boost to your bottom line.
Vulnerability Scanning
The recent string of high-profile data breaches, plus those that occurred in 2012, drive home the reality that even industry giants are vulnerable to attack. Ecommerce has become a major part of US retail sales culture, and as online businesses become more profitable, cyber criminals will be quick to follow the money. As your business grows, your security plan must growth with it. In the process of building a strong internal team, it is also important to enlist the help of third party providers, who can help find and patch potential weaknesses.
Complex websites offer hackers many more opportunities to slip in unnoticed, which is where having a second pair of eyes can come in handy for larger online merchants. Aside from network firewalls, web applications and code must be scanned continually to avoid application-level vulnerabilities, such as code revelation, cross-site scripting, and SQL injection. Additional revenue means more to lose in the event of a breach and more often than not, outside parties will be the ones to discover the incidents before an internal team will.
PCI Compliance
In today’s threat laden environment, staying up to date with credit card security standards, like PCI DSS, is crucial for large and small retailers alike. The size of your business will determine the specific compliance requirements that must be met, but compliance is vital for all merchants who accept credit cards. In the end, nothing is more important than keeping customer’s payment card data secure.
A major part of these data security standards focus on eliminating unnecessary data as well as keeping detailed tabs on what is stored, locally or with a third party platform. The larger your organization is, the more places customer data can hide, unencrypted for criminals to find. Along with frequent vulnerability scanning, following these standards should be part your enterprise security strategy. As we’ve discussed before, the business risks and ultimate costs of non-compliance can amount to high fines, legal fees, decreases in stock equity, and especially lost business.
Boosting your enterprise security strategy with trustmarks, vulnerability scanning, and PCI compliance can ultimately lead to an increase in traffic and sales, regardless of size. Through these services, larger merchants can help provide assurance to first time visitors as well as encourage those who may have doubts regarding the safety of eCommerce transactions in general.
Visit our website for more information on these McAfee SECURE services, and be sure to follow us on Twitter at @McAfeeSECURE for the latest in eCommerce news and events.