Protecting Your Online Business from Cyber Attacks

Mike Potter | Last updated on August 30, 2024 | 6 minute read

Shoe Retailer - Protecting Your Store from Cyber Attacks

This article first appeared in the May/June addition of Shoe Retailing Today. Republished with permission.

Footwear continues to be a powerhouse when it comes to online sales. According to the e-Commerce platform Shopify, the total global market for Fashion & Apparel is supposed totop $718 billion by 2022 (nearly double the amount from 2018). Depending on how you splice the data, footwear (both athletic & non-athletic) makes up 12-20% of total online sales within the space. Pundits are expecting more of the industry to move online, as the surge in customers choosing e-Commerce continues.

This means shoe retailers can no longer afford to ignore the online world. Online shopping has become ingrained within the customer experience. Consider this: Mobile devices accounted for 65% of all retail site visits across the globe. And according to international accounting firm KMPG, that same percentage of customers compared prices on their mobile phones while inside a physical store. Retailers who don’t embrace or expand their brand online, risk losing out on sales or losing relevance in the marketplace.

The Risks of Online Rewards

According to the National Retail Federation (NRF), shrinkage (loss due to theft, fraud, etc.) costs retailers more than $50.6 billion annually in the United States. This means retailers spend a lot
of time and resources on safeguarding their stores and inventory with loss prevention programs, cameras, scanners, security tags, alarms, secret shoppers and more. Considering the razor thin margins in retail, protecting every sale is paramount. This need to safeguard stores extends to online stores, with the goal of protecting online revenue.

As sales increase on the web, threats are increasing as well. “Cyber attacks” used to make headlines involving only the world’s biggest brands, such as Target. However, criminals are now targeting businesses of all sizes. Cybercrime is now the fastest-growing type of illegal activity. Even more astonishing, it’s estimated that 70% of small businesses hit by a cyber attack were forced offline.Out of these victims, one in 10 were forced out of business due to the negative impact on sales.

This means that, while shoe retailers must have an online presence, they also need to apply the same level of rigor to protect digital sales as they do in their physical store(s). Otherwise, any downtime of their e-Commerce store could cause significant losses – and not just in sales. The recovery costs from a cyber attack can run as high as $200,000.

How to Protect Your Sales From a Cyber Attack

Although the risks of an online cyber attack are increasing, online loss prevention is easier and relatively inexpensive to put in place in comparison to security in physical stores. Here are three effective strategies you can employ:

Create Proper Security Measures

In retail, there are “keyholders” in physical stores and restrictions on an employees’ level of access. Online shoe stores are no different. The online “keys” should only be accessed by the people who need them. To take it a step further, keep access in line with each employee’s set of responsibilities. In other words, don’t give someone in customer support the ability to edit code.

Password Discipline

You also need to have discipline around passwords. Businesses often take the easy route and share one, easy-to-hack password among a group of people. Yes, storing and updating multiple passwords can be painful. However, it is critical that everyone who touches your e-Commerce site has their own unique password. Many retailers use a third-party application such as LastPass or 1Password to help with this. And it’s in your best interest to ensure no one is using a web browser to save passwords. This practice puts your store at higher risk from illegal cyber activity.

Two-Step Authentication

Finally, take a look at two-factor or two-step authentication for people working on your e-Commerce site. This is basically a program that allows people to verify their identity using a mobile device. Think of it as the last line of defense for your online store. If someone steals a password or hacks it, the thief would still need to pass through another level of identification.

Audit All Third-Party Software Connected to Your Store

On average, e-Commerce stores have 10 or more third-party software programs integrated within their sites. While these programs are incredibly advantageous to retailers, they also leave your store more vulnerable. Third-party integrations often have high levels of access into your store and data. Before you install anything, ask yourself these questions: Do they have any negative and/or positive reviews? Was it built by a firm that seems reputable? Can you contact them or are they digital ghosts? Take the same level of rigor when auditing existing applications. Ask yourself if the intimate access you are giving is worth the risks associated.

Put a Backup Strategy in Place

Even with security preventions in place, your online store can still be compromised. Should this happen, mitigating the amount of time it takes to get a store fully operational should be your main concern. Unfortunately, there is a common misconception that cloud software backs up everything and sites can be easily restored. However, while e-Commerce platforms like Shopify and BigCommerce back up their own infrastructure, retailers are on their own with account-level, store-specific data like products, images, orders, invoices, customer purchasing history and more. That is data and content that businesses depend on to drive sales. And it is not saved within any retail cloud applications.

As sales increase on the web, threats are increasing as well. “Cyber attacks” used to make headlines involving only the world’s biggest brands, such as Target. However, criminals are now targeting businesses of all sizes. Cybercrime is now the fastest-growing type of illegal activity.

Customers have little patience in the world of e-Commerce. If a site takes more than four seconds to load, it can lose roughly 25% of its online visitors immediately. Every second your store is not functioning properly, your sales are at risk. So consider the impact on your potential sales of being down for hours, or even days. Repairing or rebuilding a site can be an arduous task if proper precautions are not taken in advance.

Having a comprehensive back-up strategy in place helps you recover faster after any critical issue, not just a cyber attack. There are three ways to make sure your online store data is properly backed up:

A low-tech, manual approach is to regularly export CSV (Comma Separated Values) files for all the critical sections of your online store. It may appear straightforward, but it is time consuming and complicated to organize and re-upload all the data. Unfortunately, you can’t save all data and content this way, so you risk losing some parts of your store for good.

Some retailers hire a company to build custom back-up software, which does all the hard work associated with manual back-ups. However, custom solutions are costly to build and expensive to maintain. E-Commerce sites are always making changes, so any solution you build needs to be continually updated by software developers.

Many retailers are now turning to proven, third-party back-up solutions. Cloud back-up solutions offer the best of both worlds in terms of usability and cost. However, it is important to do your research. Prices, quality and the level of service can vary. Apply the same due diligence we outlined earlier when assessing third-party applications. User ratings and software review sites are often a great source of information.

While e-Commerce isn’t the only future of retail, it’s a major one – and footwear retailers need to protect their online store to stay in the race. As you build out your brand experience for the digital world, make sure you are using all the best practices to protect your customers, your cash flow and the future of your business.

You can install Rewind from the appropriate App Store using the buttons below:

Backup Shopify

Backup BigCommerce


Profile picture of <a class=Mike Potter">
Mike Potter
A self-proclaimed serial entrepreneur, Mike Potter is the co-founder and CEO of Rewind, the leading data backup and recovery provider for cloud and SaaS data. While studying Mechanical Engineering at McMaster University, Mike began his start-up career as the founder of InTheHack.com, one of the most popular sporting websites in Canada. Since founding Rewind in 2015, Mike has focused on building a company culture that values and respects employees. “I'm a big believer in creating strong teams, hiring great people, and giving them the freedom to do their best work”, he adds. When Mike isn’t running backups, he can usually be found assembling LEGOs with his kids or walking his dogs.