Article

5 Tips for Keeping Your Ecommerce Store Secure Over the Holidays

Topic: Business NetworkingBy Michael PetersPublished Recently added
No ratings yet1,174 viewsSign in to rate
Online shopping is booming, but customers will shun ecommerce if they do not feel their data is secure. Just as “Video Killed the Radio Star,” ecommerce is making shopping malls go the way of the horse and buggy. In 2016, consumers reported making 51% of their purchases online, up from 48% in 2015 and 47% in 2014. Meanwhile, real estate experts estimate that large brick-and-mortar department stores need to eliminate about 1/5 of their current footprint in malls just to return to the same levels of productivity they enjoyed a decade ago. Consumers love the convenience and cost savings of ordering items online and having their purchases shipped to their door, but they will quickly sour on an ecommerce site if they feel their credit card information and personal data are not safe. Following are five tips for keeping your ecommerce store safe from hackers during the holiday season and throughout the year. 1. Make sure your ecommerce store is PCI DSS compliant. While PCI DSS compliance alone does not equate to a comprehensive ecommerce cyber security, being compliant with PCI DSS is the first step – and it’s required by major card issuers. Additionally, some states have laws that refer to PCI DSS explicitly or contain equivalent mandated standards. If you are breached, and it turns out that your ecommerce store was not PCI DSS compliant, your store may be found in violation of your state’s laws regarding data privacy, and the credit card companies that mandate PCI DSS could impose fines on your organization amounting to tens or even hundreds of thousands of dollars. If you are unable to pay the fines, you will no longer be able to accept their cards. Plus, your customers’ data will have been breached, which could result in civil lawsuits and massive damage to your store’s reputation. 2. Make sure all of your hardware and software is up to date. Antivirus and antimalware software should be updated regularly, and any manufacturer updates or patches to your operating system and other software used in your business should be downloaded and installed as soon as possible; they often include important security patches addressing newly discovered threats. 3. Make sure all of your employees, including temps, are trained in cyber security best practices. The weakest link in any business’ cyber security plan is its people. The overwhelming majority of data breaches occur after hackers obtain legitimate login credentials, often through social engineering schemes such as phishing emails. Make sure all of your ecommerce store’s employees, including seasonal workers, are trained in cyber security best practices, such as how to spot phishing emails and why they should never send personal data through unsecured email, share their passwords or leave them out in the open, or log in to the network on an unsecured device or connection. 4. Create a culture of “if you see something, say something” regarding ecommerce cyber security. Employees, especially seasonal workers, want to please their bosses, and this is something hackers take advantage of through schemes such as “CEO phishing,” where hackers send what looks like a legitimate email from the business owner or a c-level executive to a low-level employee, requesting sensitive information such as system login credentials or ecommerce customer data. Employees should be instructed to report all suspicious emails or any other activity that just doesn’t seem right – even if they think “it’s probably nothing” – to a supervisor. 5. Place appropriate restrictions on employees’ system access. Ecommerce employees, especially temporary workers, should be given the minimum level of system access they need to perform their jobs, and no more. If at all possible, limit access to your most sensitive data – such as customer payment information and employee tax data – to full-time, year-round employees. The reasoning is that full-timers have a track record with your company, have far more experience with cyber security best practices than your temps, and probably underwent a more extensive background check as well.

Article author

About the Author

Michael Peters is the CEO of Lazarus Alliance, Inc., the Proactive Cyber Security™ firm, and Continuum GRC. He has served as an independent information security consultant, executive, researcher, and author. He is an internationally recognized and awarded security expert with years of IT and business leadership experience and many previous executive leadership positions. He has contributed significantly to curriculum development for graduate degree programs in information security, advanced technology, cyberspace law, and privacy, and to industry standard professional certifications. He has been featured in many publications and broadcast media outlets as the “Go-to Guy” for executive leadership, information security, cyberspace law, and governance.

Further reading

Further Reading

4 total

Article

Introduction There was a time when the call center was seen as a place where phones rang endlessly and agents simply answered questions. That picture has changed dramatically. Today the modern call center sits at the center of customer experience, quietly coordinating returns, managing fulfillment concerns, and shaping how customers feel about every interaction with a brand. Instead of reacting to problems, teams now guide customers through complex journeys. Their role has gr

February 6, 2026

Article

In today’s financial landscape, credit scores play a major role in determining access to loans, housing, and even employment opportunities. For individuals facing late payments, collections, or inaccurate credit reports, rebuilding credit can feel overwhelming. This is why many people turn to professional services for guidance. Among the growing number of Credit Repair Companies in Houston and providers offering Credit Repair San Antonio solutions, White Jacobs continues to

February 6, 2026

Article

Choosing the right POS terminal is more important now than ever. With customer expectations rising and payment methods changing quickly, businesses need a device that works fast, stays secure, and handles different payment types. The PAX A30 is a popular Android POS terminal that has gained attention for its modern design and strong features. In this review, we look at how well it performs in real life, what makes it stand out, and whether it can truly be called the best Andr

January 17, 2026

Article

Installing a rack mount server cabinet is an important task for anyone setting up a server room or a data center. These cabinets are designed to hold servers, networking devices, and other hardware safely and in an organized way. A well-planned installation helps improve airflow, manage cables neatly, and secure equipment, which makes the server room safer and more efficient. Whether you’re setting up a small office server or a larger business data center, knowing how to in

January 16, 2026