Tips Against Cyber Crime for Ecommerce Firms

19/11/2014

In December 2013, US retail giant Target Corp disclosed that cyber criminals had hacked into its systems and stolen credit card OR personal information from more than 100 million customers. Both credit card AND personal information were believed to have been stolen from about 12 million customers.

In September 2014, another US retailer, Home Depot, admitted that the account information of 56 million cardholders was compromised by a security breach.

Credit card account breaches at Target and Home Depot are among the biggest such incidents and have had far-reaching consequences. In Target’s case, it led to the exits of both Chief Executive Officer Gregg Steinhafel and Chief Information Officer Beth M Jacob.

HOW TARGET AND HOME DEPOT WERE INFILTRATED


Cyber security experts say there are important lessons for others in studying how attackers infiltrated both the retailers.

•    At Target, attackers entered its network through a refrigeration and air conditioning supplier who ideally should have been far away from customer financial data.
•    At Home Depot, hackers infiltrated its cash register systems at its US and Canadian stores in April 2014.

This is one reason why security experts advise that storeowners should always assume that hackers are already inside the company’s network. Their focus should thus be on protecting the company’s ‘crown jewels’. So even if attackers scale the company’s walls, there should be many more layers for them to overcome before they can reach the core databases.

Cyber experts say that once companies adopt the stance that hackers are already inside, they start investing in making their organisation as difficult a target as possible to hack. They should do so by adding strong encryption and layer upon layer of vaults around company data.

BEST PRACTICES FOR INDIAN ECOMM FIRMS

Ecommerce is all the rage in India now. As revenues zoom, companies have the responsibility to keep their databases and gear secure, and keep cyber criminals at bay. Here are some best practices they can adopt to keep themselves as well as customers out of harm’s way.

•    Monitor fraud loss regularly. Set a limit to the fraud you can tolerate. Conduct a review meeting of the respective business group when the fraud nears 90% of the target set.
•    Set up a dedicated email ID so that customers can report any fraudulent activity they have noticed.
•    A fraud helpline for customers and employees to report suspicious activity is also helpful.
•    Conduct vulnerability scans at least once every quarter using vendors approved by the payment cards industry.
•    Companies should coach employees in adopting best practices for password creation and maintenance.
•    Hackers will try to access company networks through remote access log-ins. So security on such log-ins should be improved.
•    Single-factor authentication should be phased out at all access points in the company and replaced with two-factor authentication.
•    Hackers would try to hack into the credentials of people with the highest level of access, namely members of the top leadership. So they should be doubly protected.
•    Buy threat intelligence from cyber security companies; also share human intelligence with peers in the industry.
•    A flipside of encrypting more and more data is that it slows down computer systems in the company. As a result, there is resistance to increased encryption, especially from ecommerce firms that want to respond quickly to customer queries. Investing in upgrading technology should provide a way out of this.

REHEARSE YOUR RESPONSES

What happens after a breach is as important in managing losses as what companies do to prevent breaches in the first place. Public statements intended for customers, employees, regulators and the press should be prepared in advance. Ditto for website messages and provision for alternate payment methods.

Another essential step is to train employees to ignore spam as well as attempted phishing attacks. The cyber security industry has identified telltale signs that are the hallmark of phishing messages. They are likely to feature:

•    Generic names to address individuals. Instead of using the intended victim’s name, a phisher will begin communication with a generic ‘Dear Customer’ or something similar.
•    The logo may not quite match.
•    For some reason, the communication will feature language riddled with grammatical errors.
•    They will invariably ask victims to verify their passwords at a masked web address. That should be a dead giveaway.

In short, as far as cyber security is concerned, it pays to be ever vigilant and adopt best practices and train employees across the country.

    Author

    I'm Georgy S. Thomas, the chief SEO architect of SEOsamraat. The Searchable site will track interesting developments in the world of Search Engine Optimization, both in India as well as abroad.