As an online retailer, you are responsible not only for your own data, but also for that of your customers. Therefore, you should take extra care to protect the online store from hacker attacks. Here are the most important measures to take before.
Use complex passwords
As an online retailer or trader, you need many passwords, for example, for administrative access to the store system, access to databases or to web hosts. Choose passwords that are as complex as possible, containing letters, numbers, special characters and a minimum length of 8 characters. Passwords that are too simple or too short can easily be decrypted. Use different passwords for each access, this will prevent total loss in case of loss of a single password. A password manager helps to manage the different passwords.
Please confirm your e-mail address!
Click on the link in the email we just sent you. Also check your spam folder and whitelist us.
More info about the newsletter.
Use virus scanners and firewalls
Use virus scanners on your computer to defend against viruses and Trojans, as well as a firewall that cannot be changed without permission. Always keep the programs up to date. Also, remember to update your operating system regularly, this is another area where potential security vulnerabilities are addressed by manufacturers.
Keep your store system up to date
The same thing that applies to virus programs and operating systems is also crucial for your store system: always keep it up to date. Most vendors provide regular updates that close known vulnerabilities and may include security-related features.
Be stingy with write permissions on the web server
The more files have write permissions, the greater the risk that malware can get onto the web server. In the worst case these files read out data of your customers. Therefore, grant write permissions only where they are really needed.
Forms are often used as a gateway for malware, e.g. search forms, user registration or customer logins. In the program code you define how this data is processed and read out. Therefore, when creating the code, you should (or have) algorithms built in that make it more difficult for malicious programs to penetrate the system by means of so-called "code injection attacks".
Encrypt sensitive data
There is no such thing as 100% certainty, and there never will be. Unpublished vulnerabilities cannot be fixed by any manufacturer and therefore any system will always remain vulnerable. This makes it all the more important to be prepared just in case. A very effective method is to store the data only in encrypted form and to keep the key safe and separate from the data. If an attacker gains access to the system, he or she will find only unreadable data.
Get professional assistance
Nobody can be a specialist in everything. This is especially true when it comes to information security. There are solutions and specialists who can support you in protecting your online store and tell you clearly where the shoe pinches. The range extends from automated vulnerability scanners to external information security officers.
Security is a worthwhile investment
You are probably already familiar with some of the security measures presented from private Internet use, but as an entrepreneur you have an even greater obligation to protect your own data and that of your customers. In the event of data misuse, damage to image, economic losses and penalties are usually enormous. An investment in the security of your online store is therefore a worthwhile investment.