Security is one of those things that you only really start feeling how important it is when it’s too late.
I believe one of the reasons is because most online stores think why would anyone hack them? You rarely hear about SMEs being hacked and so it must not be a problem.
The thing is the high profile companies are most probably a targeted attack, which means someone on purpose went after them.
In reality what happens for most websites is a mass attack, not even done by a person behind a computer.
The person writes a piece of code that automatically finds websites and hacks them for him.
So it doesn’t matter who you are or how uninteresting your online store might be for an attacker, if it’s online, it’s a target.
What can happen to your online if it gets hacked?
That depends on the hacker behind the attack, most of the time it can fall under one of these:
- Defacing: they have a message, and your website just became the billboard they rented on the internet
- Platform to launch more attacks: your website sits on a web server that is powerful enough to do a lot of damage, the hacker uses your website as an entry point to do more damage elsewhere
- Install viruses on your visitors computers: this is very popular and what happens is your website visitors will be sent a virus through your website which can help the hacker make money
- Hack your customers bank accounts: your online store might help the hacker get access to your customers credit cards and bank passwords
…there’s more, but you get the picture, it can get very ugly.
Securing your eCommerce store might sound super complex right now, but it’s not.
Most the attacks are looking for easy access from a software bug or a common problem.
So if you cover the basics and have a protective layer on your online store, you are automatically blocking 99% of the attacks.
That 1% though, that is a complex situation.
You need to know that you are never 100% secure from a targeted attack, never.
Okay fine there is one way to do it.
You need to find the room your server is on, go to the back and look for the blue wire — the one that’s connected to the power socket.
And remove it.
Then throw your smart phone and laptop in the washing machine, you are done!
Haha. Not funny right? We are talking about your online store security here, excuse me.
Okay what do you need to do to cover for the 99% first?
- Never re-use passwords anywhere
- Use randomly generated passwords everywhere
- Use 2 factor authentication wherever possible
- Keep all the software you use up to date all the time
- Depending on your online store software and web hosting, you might need to sign up for a security firewall such as Sucuri.net
Following the checklist you can be sure majority of automated attacks are blocked.