The latest news from Home Depot shows the situation with their security breach is larger and worse than originally feared. When first reported, the home improvement giant believed millions of credit and debit cards had been compromised. Now, they say 53 million email addresses were also leaked. This additional security breach opens up phishing possibilities for the scammers that have never before been used—such as including information from the stolen credit card information to make the emails seem more legitimate.
Home Depot really has their hands full fixing this debacle, but other retailers can learn a thing or two to keep customers’ information safe this holiday season. Here are 5 security lessons Home Depot is teaching you right now.
1. Assume the worst
No matter how large or small your ecommerce business, go ahead and assume someone wants to steal your customers’ information. Don’t wait until the worst has happened to put security measures in place. Go all out to protect your data from the very beginning and you’ll be less likely to see issues later.
2. Ecommerce is safer, but…
In most cases, financial information shared online will be kept in more secure locations than information given in stores. Online fraud is currently at much lower numbers than store-based breaches, but that could change at any time. By offering online shopping for your customers, you’re giving them a safer way to shop. Go ahead and make use of that, as long as you’ve taken care of lesson number one first.
3. Offer plenty of payment options
With this type of breach, customers get a little wary about pulling out the credit card. By offering third-party pay options, such as Apple Pay and PayPal, you give buyers the opportunity to purchase from your store without ever sharing their financial information with you. Or even give customers the option of using Bitcoin and other alternative currencies to pay.
4. Get creative with trickery
Consider keeping your financial information under servers with different names. Then install dummy servers that stay active at all times and appear to be named correctly. If hackers only have a few minutes to get in and get out with your information, they’ll waste all that time in the wrong place. You can even use this tactic to trap hackers and turn them in to the authorities.
5. Prepare your response
No one wants this to happen…ever. Still, refer back to lesson number one and realize this is probably going to happen at some point. Go ahead and determine your policy and statement regarding data breaches. Let your customers know exactly what will happen should their information be compromised. By addressing the issue up front, you give customers the reassurance they need to shop in peace.
Remember, the holidays are a busy time for shoppers and for hackers. You’ll be so busy fulfilling orders that you might just miss some warning signs. Be on the lookout at all times. If it does happen, act swiftly and start making amends to your customers immediately. With vigilance, planning, and understanding, you’ll get through your holiday season unbreached.