If your retail business has little to no security policy in place, you run the risk of security breaches which can cost time, money, consumer trust and can result in legal actions.
What are the 4 main motivations for retailers to adopt security practices?
- Protection of operational systems (eg. system shutdown)
A virus is capable of disrupting business systems by erasing data, freezing or breaking systems. This business interruption can cost daily revenues, replacement costs, repair expenses and can even lead to business failure. - Keeping property safe from theft (eg. data theft)
A security breach can result in data being stolen. This can be devastating for retailers whether it is customer data, intellectual property or other valuable information. - Financial protection (eg. monetary theft)
An e-commerce breach can redirect shopping carts and credit card information to a malicious third party. Retailers may be responsible for the repayment of funds, and insurance coverage will vary based on the business ability to prove diligence and other factors. - Saving your company from a negative perception
Retailers that are compromised generally experience a loss of customers.
The top 5 security and privacy must haves
- Install antivirus and security software for your devices, browsers and network
These programs will scan emails, devices, websites, and programs for risks and alert users of potential danger. They can also be set to prevent action that would cause damage by blocking visits to malicious websites or preventing the opening of an infected attachment. Programs can also include firewalls for networks. Visit the NRA Digital Business Kit Resources for a list of security software reviews, free and paid programs and more. - Security and privacy policy for staff
Many security and privacy events are due to a mistake or the unknowing actions of a staff person. Make sure there is a clear policy around all online activities, data handling and online communications. - Back-ups – A company backup is essential
This can be a cloud-based backup or a device backup (to a storage device like a USB or external hard drive) and must be a part of your policy and service requirements. It must be carried out diligently. There are programs that will automate systems’ backups if manually backing up system information is not being adhered to by staff. Visit the NRA Digital Business Kit for more on cloud-based backup services (including free services). - Secure e-commerce
If your company is selling online and/or collecting credit card information, ensure the pages being used to collect this information are SSL security set (SSL certificate for your site is supplied by your hosting company). This means you should see https:// instead of http://. The “s” represents security. A reputable 3rd party should be considered for handling credit cards and storing any sensitive customer data. - Password strength
An easy fix with great results – making your system passwords a few digits longer and a mix of characters and numbers can extend time for a hacker to access your system from 10 minutes to several years. Worried about remembering all the passwords? There are lots of programs out there that can help you with passwords – check out the NRA Digital Business Kit Resources.
Learn more about online selling, and everything digital, in the National Retail Association’s Free Digital Business Kit.