With the holiday shopping season quickly approaching, internet retailers are gearing up for an onslaught of web traffic – which is great, as long as they have the right measures in place to keep their customers safe and satisfied.
Even one hour of downtime due to a website outage or a malicious attack can have significant impact on a retailer's reputation and revenue, especially during the holidays, a time which the National Retail Federation says can add up to 40 percent of an online retailer's annual revenue. With some large e-commerce sites earning millions each day during the holiday season, even a few minutes of downtime can lead to financial losses in the tens of thousands of dollars, not to mention customer frustration.
With the stakes so high, internet retailers need to adopt a 360 degree approach to security during the holiday season, and year-round ideally. Luckily, there are steps they can take to ensure this.
First, prepare for the worst, plan for the best. To ensure website availability and security, online retailers must prepare for the worst through escalation and incident response planning by outlining standard operating procedures for downtime, including establishing and training incident-response teams. They should also monitor their site diligently to determine service health and identify anomalies quickly and accurately, as well as provide failover to back-up IP addresses to ensure the site is always available.
Next, improving your infrastructure is important. Optimize the scalability and performance of your internet infrastructure with demonstrated management of the increased traffic load coming your way during the holiday shopping season. Whether you manage your site internally or through a vendor, a track record of maintaining satisfactory service levels during the rest of the year may not be a reliable indicator that service levels can be maintained during the peak holiday traffic season. If scalability and performance of your infrastructure are not optimized, it could damage your sales revenue and reputation at the worst possible time.
Don't forget about DDoS. With the increase in size and complexity of distributed denial-of-service (DDoS) attacks, companies should consider leveraging upstream service providers to protect both Web servers and DNS. If either goes down, a company could be out of business. A cloud-based approach to both DNS management and DDoS protection provides a cost-effective alternative to maintaining uptime.
Lastly, make sure to implement security best practices by partnering with a security provider for holistic support. Not all ecommerce sites can develop an internal cyber intelligence capability. Security service providers can help to quickly identify and understand the various security incidents and their implications, determine effective mitigation and remediation tactics, and develop a clear plan to enhance security. For the holiday season in particular, online retailers should take advantage of holistic services that are designed to help protect e-commerce sites during the peak online shopping season. Delivered via the cloud, such services combine fully reliable DNS resolution and DDoS attack protection to support critical Web-based systems and reduce the risk of downtime.