Cybercrime is growing fast, and e-commerce is the most attractive target. That means you need to put extra focus on security. Both when it comes to your e-commerce platform and your internal security routines. Here, you’ll find out more about how to protect your e-commerce business and what requirements to set when choosing a secure platform that protects both your business and your customers.

E-commerce is cybercrime’s top target

According to studies on how exposed different industries are to cybercrime, e-commerce unfortunately tops the list. Of all IT attacks, 32.4% are aimed specifically at e-commerce businesses. That makes it more exposed than sectors such as banking and finance or social media.

There are several reasons why cybercriminals favour e-commerce. One is that the industry handles large volumes of valuable data, including detailed personal information, card and payment data, and financial transactions. Another is that security awareness in e-commerce is still relatively low. Many e-commerce businesses don’t think about updating and maintaining their platform, applying robust enough security routines, or understanding the threat landscape and how to protect themselves. This low level of security awareness is reflected in the fact that only 38% of affected retailers have managed to deal with cyberattacks successfully.

These attacks take different forms. From attempts to crack weak passwords and exploit outdated software that hasn’t been updated, to trying to deceive users. For example via email (more than 92% of malware attacks are delivered by email) or by targeting customer service with fraud attempts. According to a Swedish study, more than half of Swedish e-commerce companies agreed to give access to customer accounts without first verifying the identity of the person requesting access. So there is plenty of room to improve security in e-commerce. Both technically and in day-to-day ways of working.

What to look for in a secure e-commerce platform

Starting with the technical side, you can lay the foundation for strong protection by thinking about security when you choose your platform. To get a stable platform with a high level of security, you can set basic security requirements such as:

Two-factor authentication at login. In other words, login happens in multiple steps, for example with a password first and a one-time code sent by SMS or app.

Secure integrations. If other systems are connected to the platform, the APIs that allow those systems to communicate should include security measures. For example through authentication and permission segmentation that controls what an integration is allowed to do.

Protected data storage. Find out how the vendor protects both your data and your customers’ data. What routines and security protocols are in place? What happens in the event of a breach?

The vendor’s Business Continuity Plan (BCP). In other words, the strategies and routines an organisation has in place to quickly restore business operations after disruptions such as cyberattacks. Is there a BCP, what does it include, and how often is it tested

Access and permissions. Can you control which users can access what in the platform? The broader the access, the higher the risk. You can reduce that risk with need-to-know access, where each user only gets access to what they actually need.

Data backup and backup routines. It’s not just about having regular data backups. You also need to test them so you know data can actually be restored.

Security updates. How often is platform security updated? Does it happen automatically, or do you need to handle it manually?

How to protect your e-commerce business from security risks

A secure e-commerce platform gives you a safe and stable foundation for your security work, but there are also plenty of risks tied to routines and mindset. One of the biggest is not treating security as a problem until it actually becomes one. The best way to protect your business and your customers is to be proactive and keep security front of mind at all times. Put solid security routines in place and understand what happens in the event of a breach. What do you do if the worst happens? How should you respond if a breach occurs? How can you prevent it?

You can also improve your day-to-day security hygiene. Passwords are a good place to start. Simply introducing two-factor or multi-factor authentication will significantly improve security. You should also use long, strong passwords. According to time estimates from cybersecurity company Hive Systems, a 7-character password can be cracked in just 2 seconds. Even if it includes a mix of numbers, upper-case and lower-case letters. Increase that password to 12 characters, however, and it takes 53 years to crack. You should also avoid reusing passwords. A password manager is a good way to use unique, hard-to-crack passwords for every login without making them difficult to manage.

You can also strengthen your security by understanding the most common ways attackers get into a system. As mentioned, more than 92% of attacks start with an email. Be alert to unexpected messages, especially if they contain links or attachments. Check the sender’s account and where any links lead. You should also use security software such as antivirus tools that scan files.

Viskan E-commerce Platform – how we work with security

At Viskan, we work actively with security for our customers. Both in how we work and how we develop our e-commerce platform. We take a proactive approach when writing code and working with the platform’s infrastructure. That means we think about how to prevent problems before they happen. It helps us stop security breaches before they occur.

We also maintain a high level of monitoring across every part of our system. That means we quickly know if something happens, so we can stop a potential attack as fast as possible. We also have access to extensive resources that support our security work, including a large, highly specialised security team that helps us every day. Thanks to them, we benefit from current and unique security insights, which makes our proactive security work even more effective.

Just as importantly, we’re happy to give you tips and advice on how to use the product more securely while strengthening your overall security. We’ve also held a webinar on how e-commerce businesses can work more securely. If you missed it, you can watch it here.

Want to know more about how to choose a secure platform and what you can do to protect your e-commerce business?

Talk to us and we’ll help you improve security!