7 Holiday Season Security Tips for Small Merchants


Jingle bell, jingle bell, jingle bell rock

Jingle bells swing and jingle bells ring

Snowin' and blowin' up bushels of fun

Now the jingle hop has begun


So if you haven’t already notice, I am going to be starting this month’s blog articles with some Christmas song lyrics. And not just any Christmas songs, but a few of my favourite ones! Totally unrelated to the topic at hand we are discussing today though, but hey, it’s Christmas!


So with about 2 weeks left to Christmas, let me ask you this very very important question:


Are you done with your Christmas shopping?

Because I am not. In fact, I haven’t even started. But I will eventually start browsing online for Christmas presents when I take the bus or train I guess. Because while I honestly do prefer shopping in brick-and-mortar stores, I really ain’t got time to walk the streets of Orchard. So online it is then!


And with more individuals like myself shopping online these days especially after the pandemic, and with more businesses offering their goods and services via an e-commerce platform, it’s important merchants understand what steps they can take to protect their business and customer data from cyber criminals.


#1: Lock down your login


Fortify your payment terminals, accounts, and ecommerce platforms with long and unique passphrases for all accounts and use multi-factor authentication (MFA) wherever possible. MFA will fortify your online accounts by enabling the strongest authentication tools available, such as biometrics or a unique one-time code sent to your phone or mobile device.


#2: Don’t hesitate to update


Keep the software on all Internet-connected devices up to date. All critical software, including computer and mobile operating systems, security software, e-commerce software, and other frequently used programs and apps, should be running the most current versions. Turn on automatic updates in the security settings.


#3: Think before you click


Criminals will try to trick you by pretending to be your bank, payment processor, trusted business partner, etc. If you receive an email encouraging you to take action, do not be so quick to click on the link. Instead, call the company directly or go to their website (not using the contact information in the email itself).


#4: Limit access


Do an audit of who has administrative or privileged access to your e-commerce site and payment data. Restrict that access to only those who need it to do their jobs.


#5: Back it up


Protect your sensitive information by making an electronic copy and storing it safely. If you have a copy of your data and your device falls victim to ransomware or other cyber threats, you will be able to restore the data from a backup. Use the 3-2-1 rule as a guide to backing up your data. The rule is: keep at least three (3) copies of your data, and store two (2) backup copies on different storage media, with one (1) of them located offsite.


#6: Encrypt your payment data


Check with your vendors to see if they encrypt payment data while it is being stored and transmitted so that you can hide sensitive data from criminals.


#7: Seek help


Criminals are always targeting consumers and merchants, but increase their efforts during busy online shopping periods. Talk to your payment vendors and to your information security professionals in your community so you can fortify your defenses ahead of the season.



Want to boost your company’s IT Security or raise cyber security awareness amongst your employees this holidays? Click the green button below to contact us today!




17 views0 comments