Columns and Blogs

Technology Tip
Dave Pelland has extensive experience covering the business use of technology, networking and communications tools by companies of all sizes. Dave's editorial and corporate experience includes more than 10 years editing an electronic technology and communications industry newsletter for a global professional services firm.

Mitigating Small Business E-Commerce Security Threats

Mitigating Small Business E-Commerce Security Threats

With a growing number of small businesses launching e-commerce operations and shifting portions of their sales online as a result of the COVID-19 pandemic, understanding and mitigating the potential security threats has become increasingly important.

As the risk increases, the good news for small business owners is that they have a number of options and prudent steps they can take to mitigate that risk and enjoy the potential benefits of e-commerce in serving their customers and increasing their revenue.

Security threats always evolve in response to the latest defense measures, and hackers today depend on automated tools that scan websites to find known security vulnerabilities. The automated nature of the attacks means even the smallest of companies need to understand the risks and take the appropriate mitigation measures.

Decide on Your Platform

One of the first decisions you’ll have to make in setting up your e-commerce operation is choosing the software platform that you’ll host your products and shopping cart. You can choose a cloud-based, hosted platform that provides an e-commerce storefront, inventory management and security tools as an integrated service, or you can host and maintain the software yourself.

Hosting e-commerce software on your company servers lets you customize your site’s appearance and functionality, but requires technical expertise. Using a cloud-based platform is often a better choice for small business owners who don’t have that expertise, or who just need basic functionality to sell products online.

One of the most important advantages is that the cloud provider handles the security requirements, such as encrypting the connection between the site and your customer’s device, and using two-factor authentication to prevent unauthorized users from accessing your account or customer data.

A secured website, for instance, which is indicated by an SSL certificate, encrypts web traffic between your provider and your customers, which makes the customer’s personal and payment information much more difficult for a hacker to intercept.

In addition to providing important protection for data, an SSL certificate is viewed as a basic security measure that websites are expected to have. Search engines tend to downgrade companies that lack secure sites, and the popular Chrome browser will present a warning indicating that a non-secure site may not be safe to visit.

Most hosted e-commerce platforms also provide basic SEO features to help increase your site’s visibility and online sales.

E-commerce platforms are sold as monthly or annual subscriptions, with rates depending on the number of products that are offered and some additional services. Popular choices include Shopify, BigCommerce, WooCommerce, Squarespace, Wix and others.

Security Measures

After you’ve selected an e-commerce platform, it’s important to understand its security features and settings. If you use a hosted platform, it’ll have tutorials that will explain the important settings and provide other advice about securing your pages effectively.

If your company has a website outside of its e-commerce platform, it’s important to make sure you protect that site as well. If it’s hosted on WordPress, for example, be sure to update the underlying software and any plug-ins you’ve installed because outdated software is a common target for hackers.

It’s also helpful to change the default log-in credentials for your WordPress site, and to require two-factor authentication for passwords. Both of these measures will go a long way to preventing the ability of automated password-guessing tools to access your account.


Read other technology articles