Posted by Stephen Palamara, TCC Director of Business Development
Many small businesses have an online store, either exclusively, or as an extension of their brick-and-mortar establishment. Increased web traffic and high order volumes mean the holiday shopping season can be a perilous time for online businesses working to safeguard customer information.
I read this article posted to the SecurityIntelligence website that was targeted toward retailers to help them improve security practices. To read the full article, follow this link: https://securityintelligence.com/5-recommendations-to-improve-retail-cybersecurity-this-holiday-season/
Statistics cited indicate that “IBM X-Force Incident Response and Intelligence Services (IRIS)’s assessment of X-Force Interactive Security Incident data recorded between 2012 and 2017 revealed that 41 percent of all retail and consumer product breaches occurred between September and December, elevating the risk for enterprise network breaches during that time of year. More than two-thirds of all records in the consumer products sector were leaked, lost or stolen during these last four months of the year — that’s nearly 180 million records each year.”
These numbers indicate that increasing security now is key for online retailers. The article gave several good tips to small businesses to safeguard consumer data including the following:
- “In line with recent regulatory laws such as the General Data Protection Regulation (GDPR), retailers should collect the least possible amount of PII on customers, have a clear purpose for each data element, and make sure to always keep data encrypted and safeguarded, both in transit and at rest.”
- “Employ the most recent patches for all hardware, internal and external software, network communication protocols, and database security protocols.” Sanitize user input to prevent injection attacks.”
- “Prioritize patching for the threats most relevant to your organization. Look out for the most-exploited vulnerabilities and ensure that internet-facing servers and systems are up to date.”
- “Enforce multifactor authentication (MFA) for employees.”
Practicing safe network hygiene can help lower the risk of compromises to user accounts and limit the ability of criminals to steal payment card data from customers this holiday season.
To learn more about TCC’s IT Managed Services and Cybersecurity please visit our website https://e-tcc.com/managed-services.