“Having non-repeatable passwords with certain conditions – upper case, with a special character and number – is key,” adds Anthony Julien, director IT at Dupray, which sells steam cleaners and steam irons.
Also, “don't store passwords,” says Mike Baukes, cofounder & co-CEO, UpGuard, a cybersecurity company. “If you absolutely must have user accounts in an application you're building, don't store passwords if you can help it. Use an authentication protocol called OAuth from a trusted provider with two-step verification like Google, Facebook, Twitter, etc.”
8. Use multi-factor authentication. “Multi-factor authentication adds an extra layer of security to your WordPress ecommerce site, toughening it up against brute force botnet attacks and similar threats,” says Brett Dunst, vice president, Brand and Community, DreamHost. “It’s easy to implement, too. For example, this plugin lets you implement Google Authenticator, so that logging into your site will require your password and verification via your personal mobile device.”
9. Keep up-to-date on security patches, especially for open source platforms (such as WordPress and Magento). “Nearly a quarter of all websites are built on the WordPress platform,” says John Macaulay, cofounder & chief content strategist, BizZen Canada. “However, it's open source, meaning that without the proper precautions, a WordPress website is at risk of security issues. To mitigate these risks, an SMB needs to ensure that they or their Web guys always update the site and all plugins to their latest versions,” he explains. “As well, install a premium security plugin on the site. And just in case something does go horribly wrong, regularly back up the entire site to off-site cloud storage, [which] can be automated.”
“If your ecommerce site is built on a common open source platform such as Magento, make sure that your developer is scheduled to conduct security patch updates every single month,” says Bart Mroz, CEO, SUMO Heavy, a digital commerce consulting firm. “It’s easy to let your website run on autopilot, only fixing problems as they occur, but in today’s world where there are new vulnerabilities popping regularly, be proactive and stay up to date with the latest security patches to ensure the security of your ecommerce website.”
10. Make sure to back up your site regularly. “Back up your data in two places,” says Matti Kon, founder & CEO, InfoTech, a software development company and systems integrator. “Back up data on a hard drive as well as in the cloud. If the hard drive crashes [or there’s a fire or flood at your office or facility], you can still retrieve your data in the cloud.” Also, be sure to “regularly schedule data backups on both the hard drive and the cloud to maintain the safety of your business’s information.”