Website security is about doing all you can to protect your online store, your clients’ information, your reputation, and your client’s confidence, so they return time and time again. Security is approached in layers, and your website developer should have all these covered… Just in case, here’s a good list of what to look for.
1. Your store’s checkout must trigger the ‘little lock icon’ on your web browser.
This is the most basic of security measures. Encrypt all transmission of client data with an SSL Certificate. This ensures that your website’s checkout funnel is encrypted, preventing anyone from eavesdropping on the communication between your client and the store. It goes a long way toward building confidence. Failure to do this puts all of your clients at risk of having their credit card details stolen.
2. Your store must encrypt all communications with your credit card processor.
This is one where you must trust your website developer, and hope they do the right thing. Just like you want to protect the data as it travels between your customer and your website, you also must make sure you encrypt that data as your website communicates with the bank. Imagine how many credit cards can be stolen as your website processes them! Insist that all communication with your credit card processor is completely protected.
3. Choose a good host.
Here as well, your web developer should help you. Many business customers opt for a low cost host, without understanding the implications. Low cost usually means your site is sharing a home with hundreds of other websites. The hosting company has no inherent reason to protect your valuable online store, over any other run-of-the-mill website. Make sure your hosting company has a proactive approach to security, employs encryption, performs backups, keeps logs, and has a good network monitoring system. You wouldn’t want the next account at your host to start poking around your website!
4. Use an online credit card gateway.
If you take credit cards online, and don’t process them immediately, you have a host of issues to contend with. The credit card may or may not be valid and must be checked by hand, possibly delaying a sale or causing customer dissatisfaction. The cost of a good credit card processor is negligible, and worth all the benefits in security and efficiency. Your web developer can help you select a reputable processor.
5. Your store must never save credit card information.
This is a follow up to the previous point. You’ve done your homework, use an SSL certificate, encrypt all communications, have a good reliable host, and use a credit card processor. Still, bad things can happen, and there are few things worse than having a break-in where the database is stolen. When this happens, you will be glad to know that no credit card information is in that database. How can you take credit cards online and not store them? This is a function of your website developer helping you choose a credit card gateway that supports customer profiles, and that the developer uses them. Each time your store needs to process a credit card, the system creates a customer profile at the processor. This is like ‘hot potato’ – your store only touches the credit card number long enough to get approval, yet the system even supports recurring charges.
Need assistance securing your store or website? Give us a call and we can give you a free assessment.