4 Security Risks To Your Ecommerce Site and How to Fix Them

Alarming newspaper and industry reports show that no one, including small businesses, is immune from a potential data security breach. According to a 2013 survey by National Small Business Association, half of all small businesses surveyed had been a victim of a cyber attack.

The best way to protect yourself is with a comprehensive security protection plan and knowing some of the tricks hackers use that can cost you time, money and spur mistrust from your customers. Here are four risks that could make you a target for hackers – and how you can fix them.

Risk: Weak passwords

The necessity of a strong password is so basic it should be a no-brainer, right? But a strong password is one of your first lines of defense against unscrupulous hackers, so it bears a mention.

Fast Fact: Studies have shown that website users typically have only one password for multiple accounts, leaving customer information and business data vulnerable to hacking.

What you can do: Experts recommend you create a password that’s at least eight characters long, with a combination of capital letters and symbols. And it’s better if passwords aren’t real words, either, which makes them easier to hack. Create a password that’s gobbledygook (that you can remember) rather than a real word and you’re more likely to evade hackers.

Risk: Phishing

We’ve all gotten those emails: an African prince needs us to transfer him money, etc., etc. Some attempts to steal our data and get our money are so blatant it’s almost laughable. But there are more subtle phishing techniques out there, that, if you’re not vigilant, could be as simple as one unaware-click away to open the door to a hacking maelstrom. Phishing can come in the form of a legitimate-looking email with an attachment or link to a virus, malware or spyware.

Fast Fact: Phishing attacks have been steadily rising each year, according to the Anti-Phishing Working Group, which works to create a unified global response to cyber crimes.

What you can do: Don’t click without thinking first. Copy and paste a link to a URL rather than clicking on it. Keep your operating system and software up to date.

Risk: Untrained staff

You can have an exemplar internet security plan in place, but have your employees been trained on how not to let an intruder in through the gates? Employees not trained on cyber security methods is like having staff who don’t know how to set the code for the alarm system.

Fast Fact: Nearly 19 percent of Americans surveyed said they had never changed their PIN or password without first being prompted, according to a survey conducted by The National Cyber Security Alliance and PayPal.

What you can do: The National Cyber Security Alliance, a nonprofit focused on internet safety, recommends training employees to create strong passwords, to back up their work and how to spot and not click on suspicious links and attachments in emails.

Risk: Social engineering

Instead of tediously trying to hack into software, hackers try to get information directly from the source: you. They may try to get you or an employee to install malicious software or use you to gain access to unauthorized locations.

Social engineering is one of the latest tactics hackers use and is on the rise, according to a January 2014 recent article from Inc. Magazine.

Fast Fact: The average cost to a small business that’s been hit by a cyber attack was more than $9,000, according to a 2013 National Small Business Association survey.

What you can do: Be careful of what personal information you reveal online. Beware of hackers pretending to be from your company’s IT department and asking for sensitive data or passwords.