Adolf Aikn – If you review and sell the top games, you have to stay vigilant against hacking and fraud. While it’s fun to test out the latest games, review your experience on your blog and sell them on your e-commerce site, it’s not fun to deal with a data breach. Hackers often consider small businesses low-hanging fruit when it comes to perpetuating cybercrimes.
Fortunately, defending your gaming business against attackers does not require the same caliber of combat readiness as the fictional Rico Rodriguez when he is about to infiltrate the Black Hand terrorist organization.
With that in mind, here are ten quick tips to protect your business from an unexpected infiltration by the bad guys online:
1. Get Comprehensive Security
Make sure you have comprehensive security for your servers, whether your data center is physical, virtual, or on the cloud. Good virtualization security should include integrity monitoring, intrusion detection and prevention, and anti-malware with web reputation.
2.. Pick a Secure Platform.
If you’re selling games, you are probably using an eCommerce platform. Choose one that has a secure object-oriented programming language. Open source eCommerce software can vary in sophistication. Find one where hackers can’t access the administration panel because it’s removed from your public-facing servers.
3. Be PCI Compliant
Your customers trust you to give them the latest reviews on the games that they should buy, and you can honor their faith in your business by making sure that you are PCI compliant and protect their sensitive credit card data with a great Secure Sockets Layer (SSL). Make sure online checkout is as secure as possible.
4. Do not store sensitive data on your server.
Hackers thrive on finding servers with thousands of customer’s financial records. It’s a goldmine for them to hack into a server with a large volume of credit card numbers.
How much financial information do you need to keep? Just enough to handle charge-backs and refunds. Don’t keep old records. Instead, keep your database at a minimum. Yes, it’s more convenient for customers to check out with their cards on file, but a breach could ruin your business reputation.
It’s not just small businesses that are under attack. Last year, Anthem was hit by cybercriminals and 80 million patients and employees records were affected. This sensitive information included names, birth dates, and social security. This breach could cost the company over $100 million. Some experts estimate it might be as high as 8 to 16 billion.
5. Ask Customers to Create Strong Passwords
Customers might prefer to require a minimum number of characters, symbols, or numbers when they have to create an account password, but it’s your responsibility to keep their information safe. So ask customers for more complex passwords.
If customers complain that you’re too demanding, then just add a friendly note to the page about how complicated passwords ensures their safety.
6. Be Alert to Suspicious Activity
You can automate with system alerts for transactions that might be suspicious. For instance, multiple transactions from the same IP address.
Be alert to the following suspicious behavior:
- ● Many orders from the same customer but with different credit cards.
- ● The use of phone numbers that are not from the same area as the billing address.
- ● A difference between the card holders name and the recipient’s name in the shipping address.
These are not necessarily signs of fraudulent behavior, but they can offer a valuable clue in association with other signs of suspicious behavior.
7. Use Layered security
Think of security like a fortress. You not only have a moat but crocodiles in it, too. You not only have high walls that are difficult to scale, but soldiers on the top prepared to rain down a storm of arrows.
Similarly, to protect your website, you must have firewalls, contact forms, search queries, and login boxes. If a cybercriminal breaches one defense, there is another level of security to stop them.
8. Train your staff
There is no point developing a secure website but not ensure that your staff goes through intensive security training. Without this training, they might email customer information, send out a text with sensitive data, or say something during a chat session that undermines your website security.
9. Ask your hosting providers about their security measures
You should only host your eCommerce site with a company that offers its customers tight security measures. Does your host regularly monitor their servers to detect viruses or other malware? Is there a plan you can sign up to scan, detect, or remove any harmful software on your website?
You may be familiar with the escapades of Rico Rodriguez in Just Cause 3 but feel uncomfortable with the real life security measures you need to take. When you’re writing a review for the blog on your gaming eCommerce site, the last thing you want to consider is someone hacking your website and stealing credit card information or other sensitive information.
Security precautions are not fun to handle, especially if you are not well-informed about the latest threats and scams online. However, this is not something that you can skip, hoping for the best.
If you don’t know what steps to take, then hire a consultant, but ensuring high security for your customers is a necessary part of your business.