When looking for an eCommerce solution, we often think about how we want the website to look, sales features, and tools for simple website management. We tend to focus on how to make customers happy and how to serve them better via an eCommerce website. These are important things to look for as your business is to serve your customers while looking out for the bottom line. What we tend to forget to think about in eCommerce is security. Solution security is responsible for more than you realize and can affect the ideal eCommerce experience we are all trying to achieve; both in the front end (your customers) and the back end (your business), as well as the overall brand and reputation.
We had a conversation with Brett Robins, the general manager of Digital Vantage Point, to learn more about solution security.
What exactly is solution security when it comes to eCommerce?
Solution security consists of multiple layers of safeguards to prevent unauthorized use. Considering solution security protects the front end of the website as well as the back end business management portion, access, and most importantly, vital financial and customer information.
What are the implications of poor solution security?
So much is negatively impacted. This can include loss of data, compromised data, corporate espionage (where data is leaked to competitors), sales prices being revealed to the competition or made public, credit card identity theft, blackmail, or denial of service attacks. These examples are particularly destructive because they erode trust with customers, vendors, partners, damage corporate imagery and generally attack profitability. But even with these consequences for poor security for their eCommerce solution, so many customers still don’t think about these issues to the level required. It comes up as an afterthought where questions are asked but concrete actions are not always taken.
With so many things affected by security, how does Digital Vantage Point approach this in their eCommerce solutions?
DVP takes security very seriously. We tend to take a holistic approach because everything in Nav-to-Net™ is, as it should be, interconnected and integrated. It needs to be a strong solution overall, and not just have a few features put in place to serve as the gatekeeper.
With the holistic approach, security cannot be one particular action or feature or vendor. Multiple firewalls are used. Also a series of best practices are followed such as servers running with the latest drivers, windows updates, application updates, SQL, anti-virus, heuristic detection software, and including physical locks on server rooms.
The holistic approach is also about balance. In this case, it is balancing tight security with performance and usability. Typically with the more security measures in place, it can take a toll on the website’s performance and usability. In this day and age of wanting it all, this is something that must be calibrated carefully in any eCommerce solution.
There is a bit of a misconception that a solution in NAV, like Nav-to-Net™, is intrusive and somehow affects the solution security. Can you clear that up?
Nav-to-Net™ being built in NAV does not make our solution intrusive whatsoever. Having Nav-to-Net™ built in NAV, it minimizes the effect of the website on overall performance. The footprint within NAV has been optimized. This tight integration means businesses and customers experience the benefits of real-time access to data. New partners and customers are always surprised by how clean and elegant the integration touchpoints are within NAV. While data is stored in NAV, access to this data is on an as needed basis utilizing out-of-the-box permissions sets.
Critical data is NEVER synchronized to the website and stays safe.
What are some features that businesses should look for in an eCommerce solution, or at least, ask about and be aware of?
Hallmarks of a secure solution include: communication between the web server and back end systems encrypted with secure transmissions, protecting customer passwords with one way encryption, prevention of fraud with RMA’s, adhering to PC standards principles, ability to restrict data through permissions. Always keeping the integrity of information of mind. Does the eCommerce provider understand the latest security approaches?
What kind of preparation does Digital Vantage Point provide for optimal solution security?
We are confident with the way we layer our security measures and feel poised for the future. Digital Vantage Point trains customers and partners with best practices and discusses plans for backup and recovery. In addition, we have several customers that do PCI audits and regular scans across their website, all with successful results.
Is your eCommerce solution secure? Talk to us today about how Digital Vantage Point can help!
