Wednesday 16 April, 2014

Ecommerce Security – Tips on Handling Customer Data

For an ecommerce store, there is probably nothing more serious than how you handle your customers’ data. You have to store and use a variety of data from your customers including personal information and financial records, and if this information is compromised or stolen, you can get into a whole heap of trouble. For a small ecommerce site, it can be enough to destroy your entire business. Here are some tips, ideas and guidelines for handling customer data carefully and responsibly.

Only Collect What You Need

Don’t ask for more information than exactly what you need from customers. It may be tempting to get extra information for marketing or other purposes, but too much information is a liability. Whatever data you gather, you have to store and protect. It can fall into the wrong hands. Decide exactly what you need and only ask for that.

Practice Good Password Protection

No matter what security programs you have in place, it’s ultimately the strength of your passwords and your vigilance in protecting them that offer a front line of defense against security breaches. Create good passwords and change them often. Restrict access to passwords and create temporary passwords for contractors or other temporary employees. Change passwords when someone leaves your company.

State Your Privacy Policy

Write a privacy policy that covers everything related to the handling of customer data and post it where it’s easy to see. Include what information you collect, what you do with it, and what measures you enact to keep it safe. Let customers know whenever there is a change to your privacy policy and be responsive to any questions or concerns they may have.

Check the Law

Make sure your data collection practices are in accordance with local and federal laws. You could be breaking the law without realizing it. Do your homework and make sure you’re within the bounds of the law.

Entrust a Third Party with Credit Cards

You may want to use a third party service provider to handle credit card transactions. Many companies do this because it’s such a liability to store this information yourself. Third party providers offer excellent security and provide a good solution that frees you from responsibility.

Load up on Security

Load up your site with as much security as possible. You can never have too much. Encrypt everything and do regular scans to remove malware. You might want to consider pentesting, a very thorough type of testing that exposes a site or system’s weaknesses. Run a tight ship when it comes to security.

Plan for the Worst

Finally, make sure you have a solid plan in place in case there’s a breach of security. As part of this plan, inform your customers and tell them what actions you’re taking to keep their data safe.

Bob Steele

Bob Steele

Bob Steele is an entrepreneur, software developer, marketer, and author living in the Denver metropolitan area. He’s an avid outdoorsman who loves skiing, hiking, fishing, boating, and just plain having fun. His interests include games, space, technology, physics, cooking (well eating actually), economics, business, internationalism, and team sports. With over thirty years of professional consulting experience, Bob has been exposed to many diverse business models and has gained a sensible approach to life. Bob’s company, WaveCentric is focused on commerce, marketing, and entertainment related products.

More Posts - Website

 
Comments Off on Ecommerce Security – Tips on Handling Customer Data   Posted In: Commerce   |    Written By: Bob Steele