Akamai Diversity

The Akamai Blog

Web security and #HolidayReadiness: Prepare for the best, prepare for the worst

Being truly 'ready' for the holidays means different things to different people and organizations. For consumers, it is getting your house decorated, shopping done and enjoying time with both family and friends. For online retailers, it is finalizing deals, ensuring your website can handle the substantial increase in inbound traffic and of course, the elephant in the metaphorical room, web security and its importance in maintaining a positive brand reputation.

Breaches, attacks and denial of service events have made headlines throughout the year - and surely, the holiday season will not be "a time of peace" for online retailers or smart shoppers, who are the desired target for attackers.

To avoid headlining in the wrong kind of article during the holiday season, online retailers should consider the following precautions to treat online asset and customer security as top priorities:

1. Be prepared for any/all attacks - no matter the size or vector. Attacks can hit online retailers, and their customers, in many different forms. Last year alone, online retailers were hit with a number of different attack methods, such as DDoS, cross site scripting, DNS hijacking, SQL Injection, XSS injection, and Web Scraping. 

The key is to expect the worst, so you're prepared for anything during the busy holiday shopping season

2. Continuously monitor all activity. Online retailers are likely prepping their website to handle the exceedingly large number of visitors and traffic for the holiday shopping season. However, it is also important to continuously monitor the site for security threats and vulnerabilities. Online retailers can prepare for scenarios and situations where traffic will peak, but it is equally important to monitor and have a plan in place for security vulnerabilities so that any issues can be resolved as quickly as possible. 

3. Keep mobile sites in mind. Online shoppers are leveraging mobile more than ever. According to data, 25 percent of consumers will make purchases using their mobile phone, even if they are in the store. And last year we saw mobile traffic reach a high of 70 percent% of all traffic on Cyber Monday.

That means that attackers will likely be targeting mobile-ready sites, just as much or more than regular desktop sites. 

4. Make the customer feel safe. A recent study shows that one-quarter of online shoppers see payment and digital certificates displayed prominently on a retail site as the most reassuring element in the purchasing process. In fact, 46 percent of consumers globally admit this would help address their concerns.

The bottom line: you want shoppers to feel safe and comfortable making purchases through your website. Consumers read the headlines too. If they do not feel safe at the checkout, then retailers stand to lose business to competitors.

5. Be transparent. In the event that your site is a victim of a cyber-attack, communicate with the customer. It isn't easy, but online retailers who acknowledge the problem, act quickly to resolve it and communicate with the buyer(s) are more likely to withstand the storm than those that try to cover it up.  

There is a lot to be thankful for during the holiday season and online security is certainly top of the list. If you are an online retailer, make sure your #HolidayReadiness plans emphasize security.