- Educate consumers about the dangers of online scams and alert them to threats such as phishing, key logging and pharming. The more knowledgeable customers are about online scams, the less fearful and vulnerable they will be.
- Offer privacy and security guarantees to customers in the event of fraud or identity theft. Prominently highlight the company’s promise to protect customer information and make privacy and security policies simple to understand and easily accessible on the website.
- Communicate and market the website’s online privacy and security features in ways consumers can understand. Retailers have an opportunity to incorporate site features that promote confidence and trust, such as offering clear and easy ways to find help.
- Closely monitor and manage relationships with third parties to ensure the same, if not higher, security standards are in place to protect customer information. Security and privacy are not only about your company’s site but also that of outsourcers and partners that may handle sensitive information.
- Develop an action plan to immediately update customers, legal authorities and the hosting provider of the offending site when a scam has been detected. Taking the appropriate steps to address the problem limits a company’s exposure window.
- Use automated solutions to monitor for application vulnerabilities and achieve compliance with a range of laws, best practices and security and privacy policies. These solutions also identify privacy and Web application security issues and cross-site scripting vulnerabilities that can lead to breaches. Preventing or detecting glitches early gives companies more lead time to execute a response plan and encourages a trusted online environment for customers.







