Online businesses: How to protect your customers’ data
Back in the 1980s, the primary crime concern for retail business owners would have likely been shoplifting. Fast forward to today and the biggest threats come in the form of hacking and data theft.
In the past few months alone, we've seen stories of customer data scandals hitting some of the biggest high street names. Back in September, WH Smith was affected by a bug that saw customers given access to each other's details. More recently, retail behemoth Marks and Spencer had similar issues with its website. It seems no one is immune to the risk.
These goings-on are enough to scare any business owner, but they should also act as a reminder to protect your own customers' information.
Why is protection important?
Although everyone uses it, many people are still a little scared of the internet. A recent survey
, for example, found that two thirds of consumers lie in online forms because they're worried about the risks of handing over personal information. With all the recent announcements of data breaches, can you blame them?
The second that news breaks about a retailer losing the personal data of shoppers, trust levels immediately take a hit and custom soon follows. It's definitely in your interests as a business owner to keep the defences strong.
Beyond reputation, companies also face legal risks. When you have a thousand upset consumers, angry that you lost their information, there's every chance one will start a lawsuit - the last thing you need in the run up to Christmas.
Unfortunately, there will always be a certain level of risk; hacking is becoming easier for criminals to achieve, and when the rewards are so great, determination is at an all-time high. There are ways to minimise the chances, though. Below are some tips.
Change your passwords, and change them again
Whenever you have a new IT system installed, it will come loaded with its own default passwords. These could be simple words, but they're often complex strings of random characters. It's easy to see why you might look at one of these nonsensical letter/number combinations and assume no one would ever be able to guess that.
In truth, though, a hacker may be able to determine the original settings used by your system's manufacturer or installer, and could then gain access without much effort. It's best, then, to change it to something more personal, but still complex. Use a recognisable word by all means, but try replacing certain letters with similar-looking numbers.
Then, change your login details regularly to ensure the target is always moving. A fresh password will usually be a stronger one.
Keep your systems updated
As anyone who owns an iPhone will know, technology moves quickly - there's always a newer piece of hardware or software for you to consider. It's not always just a case of the manufacturer trying to get money from you, though.
As technology evolves, so too do hackers. They find new ways of infiltrating more robust systems, the systems then become even more robust, and the pattern continues. That said, the good guys in IT are usually one step ahead, so when you're offered a free update - or even a paid-for one in some cases - it's worth going for it. Any good tech maker will provide patch support to ensure all of the latest threats are protected against. The longer you keep outdated systems without making any changes, the more likely you are to fall victim.
Put your faith in encryption
If you're taking payments from Visa and MasterCard customers, you'll probably already be using encryption, as both companies require retailers to prove that it's in place before they provide permission. Even so, it's best to understand what this is actually doing, and how it protects you from attack.
It works by scrambling data during transfer, so it can only be understood by the right people: you and your customer. This means that even if a hacker makes it into your system, they'll probably struggle to make sense of the data they find. As hackers routinely target whole systems and not individual passwords, this is paramount.
It's not always easy for smaller companies to put the right protective measures in place; the financial resources aren't always there. This is why so many outsource their payment processing to dedicated providers. Yes, it will come at a cost, but the fees of a company like PayPal will be much cheaper than the lawsuit or loss of business that could come with the theft of unmasked credit card details.
Last but not least, publicise the efforts you're going through to keep your users and their information safe and secure. It should go a long way to helping you gain their trust. The result should be more repeat business.
Also see related content...
Sending parcels to the UK
Sending parcels internationally