Ecommerce Security Myth
It’s all about Credit Cards
Many conversations about Ecommerce Security revolve around credit cards – how to protect consumer card information, how to secure transactions, how to achieve PCI compliance. And while these conversations are incredibly important, the conversation about security shouldn’t end there. Ecommerce security is about much more than credit card or payment security, for both B2C or B2B merchants.
B2C Ecommerce Security
B2C merchants should consider what customer information they capture beyond financial information. As CRMs become more popular for omnichannel merchants, retailers are increasing the information the hold on each of their customers, and they have a responsibility to keep that information safe. A great example is one of 2015’s most high-profile hacks – how many of Ashley Madisons members were thinking of their credit score when the site was breached?
If you’re not familiar, Ashley Madison is an online dating service geared towards married people looking to commit adultery. They were breached earlier in the year, and customer information including names, email addresses and detailed sexual preferences was posted online. The leak has resulted in public shaming, extortion attempts, lawsuits, divorce proceedings and more. While this is an extreme example, it illustrates the point that online merchants should consider the data they store on their customers, and ensure it is protected.
B2B Ecommerce Security
For B2B, protection is even more important. As an enterprise organization, you need to make sure that your customer data is protected. While it might not include credit card numbers it likely does include classified information about your customers and their employees – and its compromise could be a huge risk to your customers – and you. Think of the SONY data that was leaked late last year and the repercussions that were felt across North America and the world. Again, this is an extreme case, but it is a great example of why, even if the majority of your customers aren’t paying by credit card, you need to realize the value and importance of the information you hold – and make sure it is secure.
There are a ton of solutions for you to keep your data secure – from WAFs to regular security testing and DDoS mitigation – the specific tools you use to secure your environment will vary based on your environment, but the important takeaway is that the ecommerce goes far beyond credit cards.