Last week, Inc.com featured a great piece by Electronic Transactions Association CEO Jason Oxman. “A Cybersecurity Checklist for Online Retailers” lists important steps online startups and small businesses can take to protect sensitive data.
As the U.S. migrates to EMV (i.e., chip cards), it is expected that fraud activity in the world of ecommerce will increase significantly. It’s important that e-retailers respond by understanding and proactively addressing their most likely vulnerabilities, one of which is web application security.
From a security perspective, it makes sense to implement a business-grade Web Application Firewall (WAF) in order to counter the most common threats.
Web application penetration testing is also a must-do. This kind of testing is designed to expose the threats your set-up may be vulnerable to, whether it be cross-site scripting, SQL injection or another attack scheme. Penetration testing goes deeper than vulnerability scanning and needs to be done at least annually.
Even companies that effectively address network security are often unaware of the vulnerabilities that exist at the application layer. If you use a hosting provider, do they protect the application layer or are you responsible for that aspect? Beware that if you host your own web server, the responsibility fully rests with you.
Have additional questions related to securing your online business? Learn more about protecting your website with our Web Security Services or give us a call at 800-825-3301, ext. 2. We are happy to help.
Subscribe to this blog for additional tips and webinar announcements.