5 ways to boost your ecommerce security


Cyber-attacks and security breaches can be incredibly costly, inconvenient, and require a significant amount of time and resource to counteract if you don’t have the right measures in place. But guarding the data of your business and customers isn’t just a safeguard against lost revenue; it’s also key to establishing trust among your customers and prospects. Breaking or losing that trust can be incredibly damaging to your business, sales and wider brand reputation. However, selling online doesn’t need to be a risky endeavour. Here are some key ways to strengthen the security of your e-commerce platform to deliver the safe and reliable online shopping experience your customers expect.


  1. Open source vs closed source

One of the first things to consider when purchasing new ecommerce software is whether you want a solution based on open source or closed source code.  Closed source software has all rights retained by its developers and/or distributors, making it easier for the company to control the development environment. Yet, this doesn’t necessarily mean that closed source code is always safer – it simply comes down to the quality of the developers. Open source code is created by an open community of developers, meaning there are no restrictions as to who can use, examine or change the code. While this means that the code is checked more regularly (so vulnerabilities are usually discovered quickly and more often) this also means that the source code could be easily accessed by cyber criminals or others with harmful motives. And if they manage to break in, they can access a whole host of unprotected information. It’s important to consider the pros and cons and weigh up your options to find the best fit for you.


  1. Use a VPN as the route into ERP

B2B buyers typically require access to more information to make purchases than consumers; as well as extensive product information, they need insight into real time inventory levels and access to the same customer-specific pricing they’d get if they were calling your sales representatives directly. This information is already stored in your ERP, and by integrating it with your webstore, you can share real-time information and open up possibilities for a personalised online buying experience. However, the security of this connection is paramount. Setting up a Virtual Private Network (VPN) between your ecommerce platform and ERP helps to keep the connection secure and data confidential, as any data sent via this method is encrypted and intercepted data is undecipherable without the encryption key.


  1. Failover systems

Once you’ve worked hard to build up strong client relationships, you don’t want these to be eroded by unreliable service. Protect your presence with a failover system that lets you switch to previous backups of systems and data should your primary webstore environment become unavailable. A failover system with one or more of these ‘redundant’ installations means that in the event of a power outage, technical server problem, or other issue, your clients won’t be cut off.


  1. Ensure your vendor is security compliant

With so much choice on the market, a good way to narrow down your options is to weigh up the security offerings and compliancy of different vendors. Here are a few things to look for;

  • Ensure that your ecommerce vendor has its security evaluated, tested and certified by its partners.
  • Your vendor should conduct thorough security audits on a monthly basis.
  • Check that the vendor doesn’t store payment details – these should always remain with the Payment Service Provider (PSP).
  • Involvement with the Open Web Applications Security Project (OWASP). This is an open source project, where individuals and organisations share information and techniques to identify unsafe software. This is a good sign that your vendor is constantly working to develop its knowledge and immunity to security issues.


  1. Choose SaaS to ensure regular security updates

SaaS means you’ll have automated ecommerce updates and the latest security fixes, meaning your installation will always be protected against vulnerabilities like downtime, data loss and hacks. As well as offering the most advanced version of your webstore possible, you can enjoy extra peace of mind that you’re providing a reliable, safe and secure experience for your customers.