By Blair Williams, founder of MemberPress
Technology allows us to do everything from ordering pizza to keeping track of our finances from our smartphones, laptops or tablets. However, due to the increased accessibility, more and more people are using the internet for malicious reasons than ever before.
According to the FBI, cybercrime cost victims upwards of 1.4 billion dollars in 2017, and that number is rising. If you're the owner of a small online business, you have a lot to lose if a hacker breaks into your website. You could lose not just your business, but the trust of consumers. One breach could result in hundreds of thousands of dollars in losses.
I want to help small business owners prepare for inevitable attacks from hackers and scammers. The following tips will help you keep your online store secure in 2019.
Use multifactor authentication.
Google normalized multifactor authentication when it introduced its two-step verification program. The goal of this service is to help protect consumers if a hacker manages to break into their account through a brute force attack.
Multifactor authentication can stop malicious attackers in their tracks. When you create a Google account, you’re prompted to add a phone number to your account. Once you sign into your account, you’ll get a text with a six-digit code that you need to log in with your password.
If a hacker guesses your password, they won’t make it into your account because they don’t have your phone for the second step of authentication. Business owners should always use multifactor authentication when logging into their accounts because they can keep even the most ambitious attackers at bay.
Encourage customers to change their passwords often.
Cybercriminals will indiscriminately attack your customers’ accounts and put their funds and your reputation at risk. While damage to customer accounts can cause less damage than a full-blown assault on your website, it's still not a good look for your business and can break down the trust customers have for your brand.
You can reduce the chances of an attack by automating an email to your customers every month that encourages them to change their passwords. Aside from regularly changing passwords, you can hand out authentication tokens that allow customers to access your website by verifying their identities. This tactic is similar to multifactor authentication but can be used on a much broader scale.
Never store sensitive customer data.
While we’re on the topic of protecting your customers, it's a good idea to erase sensitive customer data as soon as it has served its purpose. For example, when a customer buys something, delete their card information as soon as the payment is approved.
If you don't have sensitive customer data on your website, a breach is far less likely to damage your reputation. You can quickly address the attack and make repairs as needed while resting easy that all of the critical customer information is off of your server.
There are options for consumers to save things like credit cards or passwords on their end, depending on their browser. If they want to have this information ready for the next time, let them save that data themselves to mitigate risk.
Create website backups.
Despite the safety and security offered by hosting companies and anti-viruses, sometimes a breach occurs and your website becomes compromised. In this worst-case scenario, you're going to want to have a backup of your website available.
I suggest making multiple backups of your website both online and locally. For example, you can use a backup service to store a secure copy of your website on another server. You should also make personal backups and store them on flash drives that you can carry with you or leave at the office.
A system backup ensures that if your website is compromised, you'll be able to get it up and running again. It's not fun to think about how one hacker can take down your website, but being prepared will give you some much-needed peace of mind.
In 2019, internet security is a huge concern for business owners and customers. There's no way to 100 percent stop a cyberattack, but if you keep these tips in mind when setting up your security, you'll have a better chance of stopping hackers before they can gain access to your website.
Blair Williams is the founder of MemberPress, an all-in-one membership website software for WordPress.