Subscribe Now

* You will receive the latest news and updates on the Canadian IT marketplace.

Trending News

Blog Post

E-tailers: Build a remediation plan before the breach

E-tailers: Build a remediation plan before the breach 

“E-tailers have a huge proximity to consumers,” said Andrzej Kawalec, CTO, HP Enterprise Security. “They have multiple channels through which they communicate with them, and they use that information to drive their business performance. At any time, consumers may have two or three different browser sessions going at once, or may be asked to enter their password and account details several times between login and purchase. This gives the cyber criminal a much broader attack surface.”

With so many factors to consider, what can an e-tailer do to keep customer data secure?

Customers no longer wish to be confined to their desktops when interacting with brands. They want to be able to access and change their account settings on the go, which means they often use the same credentials on multiple devices. Kawalec suggests that multi-factor authentication—or at least more stringent rules surrounding credentials—may be the solution.

“How they can authenticate and educate users is one of e-tailers’ primary challenges,” said Kawalec. “It may involve using additional passcodes, changing and updating passwords or having a token that has additional layers of security.”

Business leaders also need to ensure they have a remediation plan prepared in the event that something goes wrong. Kawalec pointed out that, according to a recent study, only 24 per cent of business leaders are confident that they can properly respond to a breach. This must change.

“E-tailers…need to understand that when a breach occurs, it’s already too late to start thinking about how to respond to it. They must have trusted third parties in place from the get-go so they can help them deal with it,” said Kawalec.

Kawalec also stressed the importance of communicating with and educating consumers, both when it comes to preventing breaches and what steps they can take in the event that their data has been compromised.

{module Gone in 60 seconds}

Related posts