Despite a recovery on the horizon, many retailers will continue to work remotely this year. And since many brands scrambled to get up and running online, there are definitely elements of their “new normal” putting them at risk.
Without understanding and mitigating them, online retailers run the risk of wiping out all the gains they have recently built up.
The Security Risks Of Working Remotely
Time and time again, we see three areas where an e-commerce merchant’s store is vulnerable, and all these vulnerabilities impact your most vital resource: data. The first risk involves the various software or apps you install into an e-commerce store. All the apps that optimize this or automate that have a significant amount of control over all the data in your online store.
Many people I speak with are skeptical of this, so I would encourage you to audit the terms and conditions of the third-party applications you use. You may be surprised to find that many of them own your data or can edit and delete it as they see fit.
The second most common threat we see is cybercrime. Today it happens to all online brands, not just the household names. And attacks have been increasing since the start of the global pandemic. The FBI reported a 400% increase in cybercrime this summer. Most attacks involved ransomware, phishing or some other form of nefarious activity. At best you get locked out of a store for a day or two. In a worst-case scenario, everything gets deleted forever.
The third risk to data we see is good old human error. It’s inevitable people make mistakes, and the risk rises when people are working in new environments, with software they are still learning to use. Most online tools have default settings for what users can access; usually, this level of access is “everything”. Not restricting access based on skills and responsibilities can be a recipe for disaster, as employees or contractors may accidentally make changes or delete something permanently.
The Stakes Can Be High in Cloud Computing
After five years of building software for e-commerce, I continue to encounter a major misunderstanding of how cloud tools work, specifically SaaS. There is a misconception that cloud tools, like Shopify or BigCommerce, save everything forever. It’s not accurate.
These software platforms will ensure that you can always login and access their product. But they typically don’t guarantee your data will be there. In fact, our 2020 E-commerce Data Protection Survey found that one in four online stores have lost vital store data at some point, and the biggest impact of these data disasters was an immediate loss in sales.
How to De-Risk Your Data Liabilities
The good news is that there are some steps you can take today to help protect your business.
The first is to use a password manager to keep track of all the complex passwords we know we should be implementing but rarely do. A password manager is incredibly helpful as more businesses become reliant on technology and are storing sensitive information. You can also use these tools to install two-factor authentication if any of your current programs don’t have that functionality.
The next step is to audit all of the third-party applications you have installed. It can take a bit of time but is well worth the effort. In the end, if the risk of having the app outweighs the benefit, seriously consider whether it’s worth keeping.
The last thing to implement is a backup strategy. This is different from just saving a copy of files on a hard drive. It’s creating a process to restore every section of a store. And here’s a fun fact: Not everything in an e-commerce store can be exported.
Furthermore, every time you make a change to your store, all the corresponding files need to be updated as well. There are backup-as-a-service companies that automate this process, but as we noted, do your homework on any third-party apps. Ensure you are entrusting your data to a reputable company.
E-commerce stores only work when they can access the data they rely on. Without a data protection strategy to mitigate internal and external risks, you could easily be throwing money out the window.
These steps are significant and not enough online retailers put them in place. If you take your e-commerce store data risks seriously and take the necessary steps to protect it, you can be ahead of the curve as you move into 2021.
Mike Potter is cofounder and CEO of Rewind.