In the wake of new high-profile cybersecurity breaches, such as those experienced by Equifax and Deloitte, the subject of protecting technology and data is on everyone’s mind. Even if your business is not as big of a target as Deloitte or Equifax, protecting your and your customers’ sensitive data is a major obligation. Cybercriminals look for any opening to commit a virtual smash-and-grab. Letting your guard down for even a moment is typically all the opportunity the bad guys need to commit a crime that can have dramatic and catastrophic effects on your business and your customers’ financial stability. Knowing this, it makes sense for all businesses to establish some commonsense safeguards when it comes to their use of technology. Although having strong cybersecurity protocols in place and partnering with a qualified cybersecurity firm, such as Nebula Consulting, can go a long way to protecting data and technology, following a few simple procedures also can have a significant impact on security posture.
STAY AWAY FROM PUBLIC HOTSPOTS It cannot be stressed enough how dangerous it is to share one’s personal or financial information with any website or any person over the Internet while using a public connection. Public Wi-Fi networks are common hunting grounds for attackers and data snoopers who try to access users’ personal information. Since public networks have negligible security, users should try to avoid using them while making online payments – or if they really have to, then they must use a VPN – a Virtual Private Network.
KNOW WHERE YOUR DATA IS Even if you use a third party for payment transactions, you are still liable for managing the data. You need to check to make sure you’re not securing credit card payment information on mobile devices and that the data center you’re using to store data has fully implemented information security policies and procedures in accordance with PCI requirements and industry standards. These also apply to any storage of personal data associated with customers and employees. It is mandated that this information be securely held.
MANAGE PASSWORDS As basic as this might seem, passwords continue to be incredibly important. Require your employees to use strong passwords and to change them often – every 90 days. Use a password manager and, where possible, employ other factors for authentication to build defense in depth.
USE A RELIABLE E-COMMERCE PAYMENT SOLUTION Safe payment acceptance technology integrated within your website ensures any transaction completed via a credit card will be secure. The consumer will be able to make purchases without any personal information being accessed by outside forces, and your bank accounts connected to the website will also be secure. You, as well as the consumer, can feel comfortable completing payments within your site.
SECURITY LAYERS When it comes to DDoS attacks, proxy or scrubbing services should be used. Firewalls can help limit DDoS attacks, but they suffer from the same resource issues that a web server or router would when attacked. They may handle it a bit better but are not considered DDoS prevention tools. E-commerce sites can benefit from cloud-based DDoS protection and managed domain name system services to further protect themselves from attacks. Always employ best practices in the software development process.