by: Smadar Landau
Rite Aid’s recent data breach, which revealed that for 10 weeks at the beginning of 2017 cybercriminals had access to sensitive customer financial and credit card information, highlights in no uncertain terms the ongoing vulnerability of Internet-connected company computers. It also highlights the need for continued penetration testing of company web sites.
Penetration testing, whether manual or automated, determines how easy it is to hack a specific web site. It is a proactive security service that simulates an attack by actually hacking a site, using the same techniques and tools a real hacker would, and so exposes security weaknesses and issues before any criminal can gain access for real.
In addition to technical weaknesses and security gaps, a penetration test can also highlight human errors, weak passwords, and - a problem often associated with growing companies which need to continually add to their enterprise-wide computing infrastructures - legacy computers that still contain older, previously compromised security functions.
In checking whether hackers are able to access an account, penetration testing first discerns the type of data that criminals may want, such as stored passwords and credit card details, and also the actual web site vulnerabilities, such as encryption deficiencies.
One of the most important parts of penetration testing is following up on any security gaps revealed in the resulting vulnerability report. Although the two terms are often, and confusingly, used interchangeably, a separate vulnerability assessment is different from penetration testing.
While most companies would certainly have to employ a third-party cyber security expert to perform either a penetration test or a vulnerability assessment, preventative security measures that can be employed immediately include a two- or three-step authentication process. This could include a personal security question that needs to be answered and some sort of verification code that is sent to a pre-authorized email address or texted to a phone.
The bottom line is that in eCommerce the relationship between an online retailer and customer is based on trust. The consumer trusts the retailer to look after their credit card and other financial details and take whatever means necessary to maintain the security of that information. A data hack can destroy that trust in an instant and destroy a retailer’s reputation. Far better then to endure the extra expense and added work in scheduling additional, and possibly regular, penetration tests than to risk a data breach and a broken consumer-retailer relationship.