Subscribe to Entrepreneur for $5

People Are Still Afraid to Shop Online. Here's What Businesses Can Do to Protect Them.


Ecommerce has been around for nearly two decades now, and while it's given people all kinds of convenience and flexibility in making purchases, it hasn't erased their underlying fears about safety.

A new global study produced by U.K.-based information assurance firm NCC Group reveals that the majority of customers do not feel safe shopping online. Seventy-seven percent of those surveyed said they "no longer feel secure when buying goods on the web," and 23 percent are doing less on the Internet because of security concerns.

Related: Your Company Is Probably Going to Get Hacked. Here's How to Protect It.

And even while physical stores have suffered their share of high-profile breaches in the last year (Target, Neiman Marcus, Home Depot, just to name a few), the threat of an online incident appears to be very much intact; in fact, 64 percent of people surveyed believe they're likely to be the victim of a breach within the next 12 months.

So what can businesses do to protect their customers and put their minds at ease? Christopher Hadnagy, chief human hacker from Social-Engineer, says that while the holiday season is a particularly hectic time of year, your security measures should be a priority. He says it's critical to ensure that your software (security software, current operating system, etc.) is current. "It may take a lot of work and effort, but often hackers find holes into your business through old and unpatched software."

Related: From Snapchat to Whisper: Blindly Trusting Companies With Your Privacy Is Stupid

For customers, it's about watching your statements closely. "Know where you spend and what so you can catch fraud quickly," he says.

Satnam Narang, a senior security response manager at security software firm Symantec, says checking your servers on a monthly or quarterly basis is vital to protecting your customers' sensitive information.  If you are outsourcing your security or point-of-sale system to a third party, it is imperative to be in constant contact with them. Narang says that FTP credentials -- the login info that allows hosts to transfer files to one another -- can also be vulnerable.

Related: In Business, the Cyber War Between the U.S. and China and Russia Is Tense

Finally, companies could consider taking out a cybersecurity insurance policy. In the event of a breach, it could help with any fines and pay for forensic investigators to look into what caused it, says Charles Bretz, director of payment risk at Financial Services Information Sharing and Analysis Center (FS-ISAC).

Additionally, Bretz says that having multiple layers of security, like two-step authentication, for both customer and employee accounts can help both sides be protected.

For more on an international look at data security and ecommerce, check out the NCC Group infographic below.

Click to Enlarge+
People Are Still Afraid to Shop Online. Here's What Businesses Can Do to Protect Them.


Related: FBI Director: Chinese Hackers Have Infiltrated Every Major U.S. Company

Entrepreneur Editors' Picks