In 2018, nearly 30 billion hackers attempted to log into a website using stolen credentials. Online retailers in particular are not only responsible for their own data, but also for that of their customers. We have tips for protection.

State of the Internet

This year's security report from CDN provider Akamai "State of the Internet" presents alarming figures: In 2018, almost 30 billion hacker attacks took place with the intention of logging into a website with stolen user data. Online retailers in particular are not only responsible for their own data, but also for that of their customers.

 Use complex passwords

Online retailers require many passwords, for example for administrative access to the shop system, access to databases or web hosts. It is advisable to choose passwords that are as complex as possible, contain letters, numbers and special characters and are at least eight characters long .Passwords that are too simple or too short can easily be decrypted. In addition, different passwords should be used for each access in order to prevent a total loss if a single password is lost. A password manager helps to manage the different passwords.we learn cyber_security and safe to hacking

Use virus scanners and firewalls

Virus scanners can fend off viruses and Trojans. A firewall is also useful, and no changes can be made to it without permission. The programs must always be kept up to date. The operating system must also be updated regularly, and the manufacturers close possible security gaps here as well.

Keep the shop system up to date

The same thing that applies to virus programs and operating systems is also important for the shop system: always keep it up to date. Most vendors provide regular updates that fix known vulnerabilities and may include security-related features.

Be stingy with write permissions on the web server

The more files have write permissions, the greater the risk of malware getting onto the web server. In the worst case, these files read customer data. It is therefore important to only assign write permissions where they are really needed.

Secure forms

Forms are often used as a gateway for malware, for example search forms, user registration or customer login. In the program code you determine how this data is processed and read out. Therefore, when creating the code, you should (have) built in algorithms that make it difficult for malicious programs to penetrate the system using so-called code injection attacks.

Encrypt sensitive data

There is no such thing as 100% security use It system, and there never will be. No manufacturer can fix unpublished vulnerabilities, so every system will always remain vulnerable. It is all the more important to be prepared for the worst-case scenario. A very effective method is to only store the data encrypted and to keep the key safe and separate from the data. If an attacker gains access to the system, he will only find unreadable data.

Get professional help     

Nobody can be a specialist in everything. This applies in particular to information security. There are solutions and specialist staff for this who can support you in securing the online shop and clearly identify where the shoe pinches. The palette ranges from automated vulnerability scanners to external information security officers