TEA Blog


There was a time when having SSL authentication was considered foolproof security. Though there is still a lot of merit in using an SSL connection for the checkout process, you cannot hide behind SSL and claim that you are secure. Here are some of the key measures that seem to be rather easy to implement.

It's Not Only About Technology
The problem with focusing only on SSL, or two-factor authentication, or some other piece of security technology is that we miss the larger picture. We relegate security to the and do not pay attention to the business end of the problem. Here are some examples:

  • Who Has Access to Your Customer's Data?

Are you sharing your customer's data with the wrong people? Have you made sure to only provide access on a need to know And have you established procedures on backing up data, storage of data and backups, deleting of data when it is no longer needed, carrying customer data in and out of the office? Each one of these processes seems obvious, but runs the risk of causing a major security breach.

  • Do You Have an Unequivocal Privacy Policy?

It is not enough to take measures related to security and privacy. You also have to ensure that your customers know how you treat their information. Especially when some information can be connected to specific customers, you need to make sure that customers know about it. Drafting an effective privacy policy hence becomes a must-do for websites.

  • Do You Require Users to Have a Strong Password?

As my favorite TV character, Sheldon would say, "1234 is not a secure password." Instead of making recommendations to your customer, it might make more sense for you to require a strong password. In this instance, I think that you should not follow the dictum, "let the customer do as she / he pleases."

  • Create an Office Environment Where People Appreciate the Value of Privacy and Security.

It is important that you sensitize your people to avoid being callous when they handle data. If you are a professional business, you will have several employees who have varying extents of access to data. As a business it is your job to train people on handling the data right.

But the Technology Matters Too

  • Hosting

Make sure that you are using secure hosting. Many of your advanced security techniques will come to naught if a hacker is able to access your files.

  • Encryption

Make sure that you use strong data encryption technology for all data that you capture. Here is a short paper by Harvard Law School that will introduce you to the basics of encryption in .

  • Backup Backup Backup

This is sane advice even if we are merely talking about your handheld device or laptop. Of course, when it comes to critical customer data captured on an website, this becomes all the more crucial. There are several aspects to recovering from a hacker attack, or from the handiwork of malware. But every one of them involves having a backup of your data.

ARTICLE SOURCE: This factual content has not been modified from the source. This content is syndicated news that can be used for your research, and we hope that it can help your productivity. This content is strictly for educational purposes and is not made for any kind of commercial purposes of this blog.