Dont Get Hacked - A Guide to Protecting Your Business from Thieves

You've seen it in the news - 40 million credit cards exposed!

With all the news about web sites being hacked and cyber thieves stealing credit card numbers and other personal data, it's no wonder that some shoppers are still hesitant to provide payment information online. You don't have to be.

Is it enough that users trust you?

Common marketing wisdom shows that one of the most valuable assets any Internet Marketer has is trust. People go to extreme measures to build this trust - online pictures, testimonials, audio - some even go as far as to open storefronts to give people that "good feeling".

But all of this may simply not be enough.

A recent Harris Interactive survey found that 75 percent of consumers polled worry that companies will share personal data with other corporations without permissions, while 70 percent doubt the security of online transactions and 69 percent fear that hackers will steal their personal data submitted online.

You see, just because a user trusts you, doesn't necessarily mean that the customer trusts your website or your payment processor.

Once you've established rapport with your customer base, the next step is to build trust in your website.

Whether you collect credit card information yourself, or have a third party processor handle your transactions for you, it's crucial that people understand that you are serious about protecting their privacy and information.

Here's a few things you can do to help out.

*) Install a Secure Server Certificate on your server to close that "lock" on people's browsers. Even if you don't collect credit card information, people feel better about having the information they send to you be secure. Also, consider using a "top tier" Certificate provider, such as Verisign. While other providers may have nearly equally secure solutions, the reason you are buying the certificate is to instill trust in your customers, which other providers do not necessarily have in abundance.

*) Have a clear, clean privacy policy statement in addition to the "legalese" required by the FTC. If you don't sell addresses, tell people so.

*) Secure your server. I know that this seems obvious, but most people pay no attention to their webserver or the software they are running. Knowing what software you have running, and keeping up-to-date on patches will help significantly.

*) Install an Intrusion Detection System (IDS) I estimate 73% or more of all websites have no intrusion detection system in place. What this means is that not only can most websites be hacked easily, it is very likely that the website owner has no clue if they have been compromised.

*) Turn off unneeded services and ports, and uninstall unused software. The premise here is that the less "stuff" on your machine, the less chance for exploit. For example, MySQL listens on the Internet for messages form other servers, yet most small websites access the database system only from the machine it is running on. It is very simple to make MySQL "invisible" to the Internet - making it much more secure if you don't need to access it from other systems. There are many, many more simple techniques like this you can apply to your server to keep hackers out.

In summary, consumers are quickly becoming Internet savvy and they take their privacy seriously. There is nothing, and I mean nothing, that can hurt your credibility more than your customers and potential customers getting SPAM to email addresses that they provided only to you - in the best case, they will think that you sold their address. Responding that no, you didn't sell their address, but someone hacked your server and stole ALL their personal information won't make them feel a whole lot better about doing business with you in the future.

Nick Temple is an e-commerce and security specialist that has been practicing online for over 10 years, since 1994. Some previous clients include Verisign, Sun Microsystems, and Coupons.com. His new website, http://www.DontGetHacked.info reveals that Internet Marketers are prime targets for hackers, and what you can do to stop them cold.

In The News:


Kitsap Sun

OC launches investigation of security director
Kitsap Sun
BREMERTON — Olympic College has launched an investigation of complaints against its director of campus safety in light of a vote of no confidence by the union representing security guards. The vote, taken in mid-January, showed 88 percent of members ...


The Sun

Security services knew of glaring weakness in Parliament security after 'war game' simulating attack on Westminster ...
The Sun
SECURITY services were aware of gaps in Parliament's security after a simulated attack ended with most MPs being killed, it has been claimed. A source quoted by the Sunday Times claimed a “table-top” exercise revealed four terrorists with automatic ...
Security chief told MPs they were safe in parliament before attackThe Guardian
Urgent review of security gates of Parliament needed after Westminster attackExpress.co.uk

all 56 news articles »

The Independent

Security breach renders in-flight laptop ban useless
The Independent
The airport which is the main target of the Government's ban on electronic devices has a security flaw that renders rigorous checks futile, The Independent can reveal. After clearing six separate security hurdles at Istanbul airport, passengers bound ...

and more »

Rochester Democrat and Chronicle

JCC receives $200,000 to improve security - Democrat and Chronicle
Rochester Democrat and Chronicle
Funds will be used to upgrade cameras and other measures following two bomb threats at the Brighton facility this month.
JCC of Rochester gets $200,000 for security enhancements | WXXI ...WXXI News

all 4 news articles »

The Independent

WhatsApp: Scapegoat for London's security lapses
DEBKA file
British Home Secretary Amber Rudd Sunday, March 26, attacked WhatsApp for refusing intelligence services and police access to its encrypted messaging service, used by Khalid Masood three minutes before his terrorist rampage in London last Wednesday.
Ex-cyber security chief says Government is 'using' Westminster attack to grab unnecessary spying powersThe Independent
WhatsApp security debate must be informed or we will all sufferiNews
Home Secretary Amber Rudd: Give security services access to WhatsAppThe National

all 175 news articles »

Reuters

Britain reviewing security at parliament after deadly attack
Reuters
Interior minister Amber Rudd told the BBC there would be another review of security at the Palace of Westminster, but that such arrangements were continually assessed. "There are constant reviews and updates so that we have the right form of defense in ...
London attack fuels calls for tighter Westminster securityThe Guardian
London attack: Parliament security under reviewBBC News
Questions over Parliament security as motorcyclist rides through gate shortly after terrorist attackTelegraph.co.uk
Wall Street Journal (subscription)
all 8,413 news articles »

The Japan Times

European security ties 'too precious' for Brexit talks
The Japan Times
LONDON – Britain's intelligence expertise may be “too precious” to use as a bargaining tool in the upcoming Brexit talks, experts said, after a terror attack in London highlighted the need for continued European security cooperation. The suggestion ...

and more »

New System Estimates Cleveland Airport Security Wait Times
U.S. News & World Report
New System Estimates Cleveland Airport Security Wait Times. Cleveland's main airport is developing a system to help travelers more accurately compare wait times at its security checkpoints and better plan their trips. | March 27, 2017, at 12:08 a.m.. MORE.

and more »

Huffington Post

What Don't We Talk About When We Talk About Israel's Security
Huffington Post
When Israeli and American Jews talk about “Israel's security” they are thinking about the Holocaust and about extermination. That is the reason they choose the narrowest possible definition of “security,” a strip. Israel's “security” is what we ...

and more »

Otago Daily Times

Ivory Coast rescinds port security measures, attack threat unfounded
Reuters
"After compiling the information ... it emerged that the threat is not real," the head of maritime security Colonel Bertin Koffi Tano wrote in a second order to the Abidjan and San Pedro port authorities and shipping companies on Sunday. "I ask that ...
Ivory Coast boosts port security over attack threatOtago Daily Times

all 5 news articles »
Google News

Web Conferencing Readers - So What Do We Do with the PAYPAL SPAMMER

From: "Paypal Security" Subject: New Security Requirements Date: Tue, 26... Read More

Social Engineering: You Have Been A Victim

Monday morning, 6am; the electric rooster is telling you it's... Read More

Spyware Removal

Spyware SolutionProbably Today's Biggest Computer Problem. You Suffer Without Knowing... Read More

Virus Nightmare..Lessons Learned

I got a virus the other day, Thursday I believe... Read More

Five Excellent Indie Encryption And Security Solutions You Have Not Heard About

1. Geek Superhero http://www.deprice.com/geeksuperhero.htmGeek Superhero watches your computer for changes,... Read More

Road Warrior At Risk: The Dangers Of Ad-Hoc Wireless Networking

Airport Menace: The Wireless Peeping Tom ---------------------------------------- As a network... Read More

Arming Yourself Against Spyware

While clicking from site to site on the internet you... Read More

Three-pronged Trojan Attack Threatens Security on the Internet

Glieder (Win32.Glieder.AK), Fantibag (Win32.Fantibag.A) and Mitglieder (Win32.Mitglieder.CT) are not names... Read More

File Sharing - What You Need to Know!

File sharing on p2p is soaring despite the music and... Read More

Online Shoppers, Beware of a New Scam

Beware of a New Scam Aimed at Bargain-HuntersTrying to buy... Read More

New CipherSend Online Security Service Thwarts Email Address Theft And Soothes Password Fatigue

In 1997, I decided after 15 years as a practicing... Read More

How to Know Whether an Email is a Fake or Not

A few nights ago I received an email from "2CO"... Read More

The Move to a New Anti-Virus Model

This is the second in a series of articles highlighting... Read More

Are You Surfing Safe?

Ok, you've got a computer, and you get online. You... Read More

Burning Bridges is Bad, But Firewalls are Good

When you signed up for that ultra-fast DSL or Cable... Read More

Network Security 101

As more people are logging onto the Internet everyday, Network... Read More

Steganography ? The Art Of Deception & Concealment

The Message Must Get Through ----------------------------- The year is 300A.D.,... Read More

How to Prevent Online Identity Theft

Identity theft rates one of the fastest growing crimes in... Read More

Detect Spyware Online

You can detect spyware online using free spyware cleaners and... Read More

Internet Small Business and Fraud

Be careful of sites that promise to send you "instant... Read More

Securing Your Accounts With Well-Crafted Passwords

In the past I've never really paid much attention to... Read More

The Importance of Protecting Your PC from Viruses and Spam

Today the internet is a mine field of malicious code... Read More

Is Shopping Online For Your Horse Gifts Safe?

Shopping for horse gifts or other gift items on the... Read More

Backup and Save your business!

There you are busily typing away on your PC or... Read More

A Personal Experience with Identity Theft

Some months ago, before there was much publicity regarding phishing... Read More