Wednesday 16 April, 2014
For an ecommerce store, there is probably nothing more serious than how you handle your customers’ data. You have to store and use a variety of data from your customers, including personal information and financial records. If this information is compromised or stolen, you can get into a whole heap of trouble. For a small ecommerce site, it can be enough to destroy your entire business. Here are some tips, ideas and guidelines for handling customer data carefully and responsibly.
Only Collect What You Need
Don’t ask for more information than exactly what you need from customers. It may be tempting to get extra information for marketing or other purposes, but too much information is a liability. Whatever data you gather, you have to store and protect. It can fall into the wrong hands. Decide exactly what you need and only ask for that.
Practice Good Password Protection
No matter what security programs you have in place, it’s ultimately the strength of your passwords and your vigilance in protecting them that offer a front line of defense against security breaches. Create good passwords and change them often. Restrict access to passwords and create temporary passwords for contractors or other temporary employees. Change passwords when someone leaves your company.
Check the Law
Make sure your data collection practices are in accordance with local and federal laws. You could be breaking the law without realizing it. Do your homework and make sure you’re within the bounds of the law.
Entrust a Third Party with Credit Cards
You may want to use a third-party service provider to handle credit card transactions. Many companies do this because it’s such a liability to store this information yourself. Third-party providers offer excellent security and provide a good solution that frees you from the responsibility of storing this information yourself.
Load up on Security
Load up your site with as much security as possible. You can never have too much. Encrypt everything and do regular scans to remove malware. You might want to consider pentesting, a very thorough type of testing that exposes a site or system’s weaknesses. Run a tight ship when it comes to security.
Plan for the Worst
Finally, make sure you have a solid plan in place in case there’s a breach of security. As part of this plan, inform your customers and tell them what actions you’re taking to keep their data safe.