Dont Get Hacked - A Guide to Protecting Your Business from Thieves

You've seen it in the news - 40 million credit cards exposed!

With all the news about web sites being hacked and cyber thieves stealing credit card numbers and other personal data, it's no wonder that some shoppers are still hesitant to provide payment information online. You don't have to be.

Is it enough that users trust you?

Common marketing wisdom shows that one of the most valuable assets any Internet Marketer has is trust. People go to extreme measures to build this trust - online pictures, testimonials, audio - some even go as far as to open storefronts to give people that "good feeling".

But all of this may simply not be enough.

A recent Harris Interactive survey found that 75 percent of consumers polled worry that companies will share personal data with other corporations without permissions, while 70 percent doubt the security of online transactions and 69 percent fear that hackers will steal their personal data submitted online.

You see, just because a user trusts you, doesn't necessarily mean that the customer trusts your website or your payment processor.

Once you've established rapport with your customer base, the next step is to build trust in your website.

Whether you collect credit card information yourself, or have a third party processor handle your transactions for you, it's crucial that people understand that you are serious about protecting their privacy and information.

Here's a few things you can do to help out.

*) Install a Secure Server Certificate on your server to close that "lock" on people's browsers. Even if you don't collect credit card information, people feel better about having the information they send to you be secure. Also, consider using a "top tier" Certificate provider, such as Verisign. While other providers may have nearly equally secure solutions, the reason you are buying the certificate is to instill trust in your customers, which other providers do not necessarily have in abundance.

*) Have a clear, clean privacy policy statement in addition to the "legalese" required by the FTC. If you don't sell addresses, tell people so.

*) Secure your server. I know that this seems obvious, but most people pay no attention to their webserver or the software they are running. Knowing what software you have running, and keeping up-to-date on patches will help significantly.

*) Install an Intrusion Detection System (IDS) I estimate 73% or more of all websites have no intrusion detection system in place. What this means is that not only can most websites be hacked easily, it is very likely that the website owner has no clue if they have been compromised.

*) Turn off unneeded services and ports, and uninstall unused software. The premise here is that the less "stuff" on your machine, the less chance for exploit. For example, MySQL listens on the Internet for messages form other servers, yet most small websites access the database system only from the machine it is running on. It is very simple to make MySQL "invisible" to the Internet - making it much more secure if you don't need to access it from other systems. There are many, many more simple techniques like this you can apply to your server to keep hackers out.

In summary, consumers are quickly becoming Internet savvy and they take their privacy seriously. There is nothing, and I mean nothing, that can hurt your credibility more than your customers and potential customers getting SPAM to email addresses that they provided only to you - in the best case, they will think that you sold their address. Responding that no, you didn't sell their address, but someone hacked your server and stole ALL their personal information won't make them feel a whole lot better about doing business with you in the future.

Nick Temple is an e-commerce and security specialist that has been practicing online for over 10 years, since 1994. Some previous clients include Verisign, Sun Microsystems, and Coupons.com. His new website, http://www.DontGetHacked.info reveals that Internet Marketers are prime targets for hackers, and what you can do to stop them cold.

Citizen

Olympics: Beijing tightens security as Games approach: reports AFP - 8 hours ago BEIJING (AFP) — Beijing is implementing a range of new security measures, state media said Friday, as the Chinese capital cranks up efforts to prevent any ... Beijing tightens security as Games approach: reports Hindustan Times Israel says PM Olmert accused of corruption Sydney Morning Herald all 612 news articles

Sky News

From national security to bedroom farce Sydney Morning Herald, Australia - 2 hours ago However, no matter how senior or junior their position, most of these staffers must first "obtain and maintain" a "Top Secret" security clearance. ... Data security breached at DWP The Press Association DWP sending sensitive data with passwords Computing all 109 news articles

USA Today

Security checks to be introduced at subway stations in Beijing Hindu, India - 3 hours ago Beijing (PTI): Passengers at all subway stations would be subjected to security checks from the end of June, as police here is ramping up safety measures ... Beijing subway to adopt security check on passengers from next month Xinhua Beijing subway security checks hard to swallow guardian.co.uk Beijing to heighten transportation security for Olympics The Associated Press China Internet Information Center| - Shanghai Daily all 93 news articles

IT PRO

Microsoft preps four security patches VNUNet.com, UK - 8 hours ago Microsoft has given advanced notification of four security patches in this month's Patch Tuesday on 13 May. The update will include fixes for ... Four Microsoft Security Patches Due Next Week PC World Microsoft to patch four bugs on Tuesday Computerworld Microsoft to release four security patches next week TechWhack (press release) IT PRO - ZDNet all 35 news articles

dBTechno

Brewster Kahle offers a cookbook for fighting security letters ZDNet - 22 hours ago Just talked to Brewster Kahle at the Internet Archive about their successful settlement with the FBI of a lawsuit over a National Security Letter. ... FBI to remove National Security Letter from Internet Archive Computerworld FBI withdraws digital library's national security letter The Associated Press FBI Withdraws Probe Of Wayback Machine Users InformationWeek Wired News - JURIST all 167 news articles

Indian Banks Worry about Online Security BusinessWeek - 44 minutes ago Conducted by Singapore-headquartered software product company ReadiMinds, the online survey also determined that online security was one of the top three ...

Stop gossiping and mind your own business, Tories say The Gazette (Montreal), Canada - 10 hours ago A University of Ottawa security expert, appointed last year to the prime minister's national security advisory council, said that a significant other with ... Harper dismisses revelations about minister Toronto Star Bernier affair is a security issue, say experts Canoe.ca Not-so-foreign affairs Winnipeg Sun Globe and Mail - Vancouver Sun all 204 news articles

eFluxMedia

Google Releases Web Security For Mobile Enterprise Workers CRN, NY - 16 hours ago By Stefanie Hoffman, ChannelWeb Google announced the launch of a comprehensive security offering, aimed specifically for the mobile enterprise environment. ... Google Shores Up Apps with New Security Software eWeek Google Cuts Price, Rebrands Postini Security Service InformationWeek Google unveils Web Security for corporations CNET News.com Computerworld - dBTechno all 33 news articles

dBTechno

McAfee Teams With Yahoo To Make Web Searches More Secure CRN, NY - 18 hours ago Further enhancing its security measures, Yahoo has also completely eliminated access to Web sites that contain drive-by downloads -- sites that ... Yahoo Adds Security Warnings To Search Results Infopackets McAfee launches web security push VNUNet.com Yahoo! searchers to get McAfee site advice Virus Bulletin DM News - The Associated Press all 292 news articles

Voice of America

Roed Larsen relays Cabinet's position to Security Council Daily Star - Lebanon, Lebanon - 19 hours ago Roed Larsen told the Security Council that Hizbullah "maintains a massive paramilitary infrastructure separate from the state." He added that this had "an ... UN Security Council urges calm, restraint in Lebanon Reuters Opposition armed men take hold of Beirut Alsumaria UN special envoy says Lebanon still in political crisis Xinhua Reuters India - Africasia all 37 news articles