The primary holiday rush is over for this year. Your ecommerce store has survived another busy season - and a longer, more demanding one at that. Now your store can take a step back and analyze: What worked? What can you improve next year? Which factors contributed to a favorable ROI? How must your online store grow to accommodate rising demand?

Meanwhile, hackers and cybercriminals are actively working out new ways to exploit websites. Cybersecurity will continue to be a hot-button issue in the coming year and beyond, so the lull following the holiday shopping season is no time to get complacent.

Consider these five tips for avoiding a post-holiday hack on your ecommerce store.

Stay Payment Card Industry (PCI) Compliant

By some estimates, a data breach costs retailers $172 per record. Arguably worse than the outright financial damage is the hit your reputation will take if you allow a malicious third party access to your shoppers’ personal and financial information. Violating your customers’ trust can cause even the most loyal customers to turn their backs on your company for good.

It’s important to ensure your website stays PCI compliant, meaning you feature a secure checkout complete with Secure Sockets Layer (SSL) authentication. On a basic level, this encrypts information sent between browsers and your web server. A secure connection allows shoppers to complete transactions without a hacker intercepting their credentials.

PCI compliance is something to be aware of when you’re building and hosting your ecommerce store. For example, some free website themes work with compliant providers to add automatic protection to your checkout.

Update Your Systems Regularly

How long have you been putting off that past-due system update? It’s much easier to set aside a few minutes a week or month to make sure your technology is up to date than it is to find out you’ve been hacked. Stay current on antivirus software, bug fixes and more for optimal results.

Know Your Employees

Your employees’ actions have an effect on your overall ecommerce store. Something as simple as requiring employees to create unique, complex passwords and update them regularly can help stop a cybercriminal in their tracks. Some businesses choose to use randomized passwords containing a string of numbers, letters and characters. To keep track of these passwords, you can utilize an offline password manager.

woman shopping online ecommerce

It’s also prudent to make sure you’re hiring employees with only the best intentions. Believe it or not, insider employees have caused data loss in the past. Focus on thorough hiring practices in the new year, and silo information so one entry-level team member alone doesn’t hold the keys to the kingdom.

Avoid Using Unsecured Wi-Fi for Business

Internet is down at your headquarters, so you figure you’ll just head to the coffee shop up the street to take care of some business. Sounds convenient, right? Except unsecure public Wi-Fi can actually open up your data and communications to nearby hackers. Using a Virtual Private Network (VPN) encrypts your connection so you can run your company more securely. It’s also important to make sure your firewall is intact as you browse.

Require 2-Factor Authentication

Two-factor authentication, also known as “2FA,” depends on:

  • Something you know (a password)
  • Something you have (a hardware token or mobile device)

If your store lacks two-factor authentication, a cybercriminal can pretty easily impersonate a shopper as long as they gain access to their account sign-in credentials. 2FA, however, would stop an attack like this in its tracks unless the hacker also got their hands on the shoppers’ cell phone—an extra layer of hassle for hackers.

The holidays are over, but hackers never sleep. Keep in mind these five tips for avoiding a post-holiday hack on your ecommerce store as you gear up for another year of running a website.


  • There are no comments, be first to comment!