We have been chuffed to report an incredible increase in eCommerce users over recent months; we have seen more eCommerce transactions than ever, and have been delighted to roll out the virtual red carpet to welcome new demographics and fresh faces to our corner of cyberspace.
In today’s digital landscape, where more users are turning to eCommerce, security is critical.
It has been reported by Checkout.com that we have seen 10 years’ worth of eCommerce growth over the past few months. While this is undeniably incredible news, one of the downsides has been an increase in cybercrime. Katy Worobec, Director of Economic Crime at UK Finance, has reported:
“Criminals have ruthlessly adapted to this pandemic with scams exploiting the rise in people working from home and spending time online. These range from investment scams promoted on social media and search engines to the use of phishing emails and fake websites to harvest people’s data.”
Any reputable platform provider should have measures in place to ensure the security of your website. At Visualsoft, we are committed to keeping you and your customers safe.
PCI DSS Level 1 Compliance
Our platform is proud to be PCI DSS Level 1 compliant, meaning that we meet the most robust operational and technical requirements that are established for data and payment protection. As a retailer, this can also protect you from being fined thousands by Visa or Mastercard, if there happens to be a breach.
The application of SSL/ TLS
An SSL (secure socket layer) certificate creates an encrypted link between a web server and a browser, ensuring that all data passed between the server and the browser remains private. This ensures that your customers’ data is kept protected. Similarly, the application of TLS (transport layer security), is a protocol that provides privacy and data security for online communications. For example, encrypting the communication between a web app and servers.
Security feature updates are handled on your behalf
As fraudulent activities become more intricate, your platform provider should be working hard to improve the security aspects of the platform. Whichever platform or software you use, your provider should be making sure that you’re running the latest version. Managed eCommerce servers and hosting at Visualsoft includes but is not limited to: software upgrades and patching, updates to core systems and additional features as added to core code.
Continuous penetration testing
To make sure we’re as secure as can be, weekly penetration testing is carried out in order to highlight any new vulnerabilities that could be taken advantage of, which means that we also have continual opportunity to potentially improve our already robust security measures.
Private cloud-based infrastructure
Private cloud-based infrastructure is a cloud structure that is dedicated solely to one organisation. At Visualsoft, we choose to use private cloud-based infrastructure to ensure the security of your data. All servers, storage and supporting infrastructure is dedicated to Visualsoft and never shared, which hugely improves data privacy and greatly reduces risk of data access issues.
A firewall is a physical device that is the gatekeeper to our network. It helps to prevent any malicious attacks from entering the computer network. At Visualsoft, we utilise a redundant pair of dedicated firewalls ensuring that the entire system is protected.
Automatic hardware and network connection failover
As you can imagine, running a vast number of websites takes a lot of machine-power! The good news? We have automatic hardware failover set up, ensuring that in the instance one of the machines happens to fail, any website sitting on that server will be automatically and immediately migrated to another working server. Similarly, network connection failover ensures that in the event that a cable is dug up with one provider, the next provides automatic connectivity.
Well, it doesn't just stop there! We’re doing all we can at Visualsoft to keep you secure, and we’re helping you to keep your admin secure from your side, too.
We enforce two-factor authentication and single-use accounts
Yes, we know - it might be a little awkward to have to enter an additional code when you log in to your admin, but we promise it’s for your own good! Two-factor authentication is just a simple method that we have put in place to ensure that only employees from your business can access your admin panel.
Single-use accounts ensure that you can only be logged in at one place, at one time. If you happen to log in to your admin panel from a new machine, we’ll log you out of the old one. This is to ensure that any changes can only be made from one login, and no one can gain access by accident.
‘Brute force’ account lockout
We’ve all been there - mistyping a password over and over, or forgotten you’ve changed it? We know it can be a little inconvenient to get locked out of your account, however, we employ ‘brute force’ account lockout, meaning if we spot a number of incorrect login attempts, we’ll lock the account and block any further login attempts. Just in case!
Automatic inactivity timeout
In a similar fashion, if your admin panel is inactive for a while, our systems will log you out of the account. We do this just in case you head for lunch and accidentally leave your computer unattended, to ensure that no prying eyes can access your website and customer data.
It’s not just you guys that have to authenticate to log in to your admin panel, our staff do too. Any of our staff that need to log in to your admin panel to provide you with some advice or deploy a change on your website also have to authenticate too, to make sure all access to your website is secure.
Are you in need of a more secure platform? Let us know how we can help using the form, or give us a call on 01642 633604.