Is Your Site Secure?

Over the past few years, more and more people have been turning to the internet for communication, transactions and data storage. It’s simple and cost efficient, but how do you stay safe online? Corporate data theft is a huge concern, and there have been some notable breaches,  but there are several things you can do to keep your online business and the data of your customers safe.

Customers  benefit from the convenient “anytime, anywhere” online access their online bank or venues such as PayPal  offer regarding bill payment and/or receipt of funds. However, customers will not continue to put their funds and identities at risk if they don’t trust your site to protect their interests. It’s a simple equation – security = success.

Phishing is one of the most malicious acts of hackers. Everyone has seen the emails and heard the horror stories about phishing. Thieves send out fake emails encouraging users to log on to what appears to be a legitimate website. When they provide their account details, their data and info can be captured. If you store personal data or credit card information ‘on file’ – you are subject to higher risk. The more you have out there, the more you have to potentially lose. Don’t do it yourself, and don’t offer this as an option to your customers either. Yes, it’s convenient, but it;’s just not best practice regarding security.

Software viruses and Trojans easily and effectively embed themselves on helpless home or office computers every single day. The result of this is compromised passwords and breached online accounts. Neither scenario is pretty to think about.  Imagine the consequences in lost funds and angry customers if their data was breached. Even if you use the best anti-virus software commercially available, there will always be a chance a new hacker can penetrate your defenses.

If you do collect data from consumers, at the very least you need to invest in a top notch encryption supported within a secure environment – and you need to update it regularly. You must actively pursue true security and privacy solutions that directly support both your business goals and client demands or you need to get out of collecting personal consumer data completely.  Even  small business’ need to meet requirements such as trusted and secure email; effective data protection of electronic files (regardless where they are electronically stored) and strong authentication of all staff associated with the site as well as any financial partners. Anything less is too big a risk.

Weak authentication equals weak security. That is as simple as it can be said. Single-factor password authentication results in a complexity that makes passwords impossible for many to remember, meaning it gets written down or saved making the point of the password moot. If paper copies of passwords are floating around they are already compromised. If they cannot be remembered and are constantly reset they are inefficient. 2-factor authentication results in providing more secure access, but without strong user acceptance it can’t become an effective tool.

Even if you have gone to the level of having installed SSL-enabled products that easily encrypt email traffic while being sent or received, as soon as the data is stored locally on the computer, you really need to supplement the security with products that provide whole-disk encryption. Even this is not enough against the most dedicated hackers.

The bottom line is to always be security minded. Do your best to protect your customers and your own data. Also, take some time to educate your consumers so they don’t get aggravated at the security precautions! Making the extra effort can make all the difference.