No one can get around the fact that technology will eventually fail. In eCommerce, failure is one thing you can count on. Payment gateways, email systems, databases, and servers all have downtime eventually. Plus hackers are very real and are always snooping around.
Minimizing failure is a big topic and there is a lot to think about. However, there are seven steps you can take to improve your eCommerce sites readiness. You do not need to implement everything here right away, as every site is unique and carries a different level of concern.
Step 1: Enhanced Verification SSL and PCI Compliance
Standard SSL Certificates secure the information your site sends and receives to visitors. This is what you want but there are other levels of SSL that have more benefits.
Moving from Standard SSL to Extended Verification SSL is a simple way to improve your site’s security, brand, and user experience in one shot. When you use EV SSL you make it clear to shoppers that they are in the right place and their credit card information is secure because it adds a green bar to the browser’s URL bar.
If you have an eCommerce site, PCI DSS Compliance is a must. If you want to avoid hefty fees related to credit card data breach you need to follow the 12 requirements of PCI DSS Compliance. Mainly, you need to keep records of all transactions, have a secure network, use SSL, have your site programmed securely, and scan for viruses monthly to name a few.
Becoming PCI Compliant and using EV SSL will help keep you in business and are the first steps you should take.
But what about when the worst does happen and your site is lost?
Step 2: Prepare for recovery
Eventually, every site goes offline. In many cases, sites do get backed up. Preferably your entire site and database are backed up, at the very least, each hour and sent to multiple locations. However, it is surprising how many sites have never tested their backup systems to see if they actually work. Before your site goes offline you need to have tested your recovery process. Technology is rarely straight forward with the diverse number of systems available so do not expect your backup to be different.
Before your site goes offline you need to test your recovery process. Technology is rarely straight forward with the diverse number of systems available. Do not expect your backup and recovery process to be different.
Preparing for recovery is the second small step to preparing for failure.
Step 3: Enhance authorization
If you think your passwords are good you might need to think again. If you like details Computerphile made a video showing just how easy passwords can be cracked.
This is why step three is to enhance and enforce great passwords and authentication for your site administrators at login. You MUST have a security system as an administrator.
Surprisingly, even a strong password might not be enough. To complete step three you need a strong password and two-factor authentication (2FA).
There is a lot that goes into 2FA, however, Duo Security has made a great 2-minute video so anyone can understand how it works.
Step 4: Optimize development processes
Step four is a lot more technical. It is about development processes. Whenever a developer upgrades to your site things can break because files and systems will be changes. Often during an upgrade, your site can go down for a few seconds. With eCommerce, you do not want that happening during a credit card transaction. Even just a few seconds of unneeded downtime can be a problem.
Whenever a developer upgrades to your site things can break because files and systems will be changes. Often during an upgrade, your site can go down for a few seconds. With eCommerce, you do not want that happening during a credit card transaction. Even just a few seconds of unneeded downtime can be a problem.
To counter this development problem there is a process of upgrading called zero downtime deployment. this process is designed to keep your site from going offline during an upgrade. To complete this step you need to have a great development team that understands how to deploy your site effectively.
Companies that understand zero downtime deployment strategies are the only companies to use for custom eCommerce sites.
Step 5: Eliminate single points of failure
Sometimes your order confirmation email and payment processing providers will fail to work. It will happen to everyone so do not feel alone. PayPal, Amazon, and Stripe all go offline from time to time. This is why you need secondary services for each critical service you use.
For example:
- Have a secondary email service for sending order confirmation emails.
- Have more than one payment option. Having both PayPal and a CC payment gateways are ideal.
- Having multiple file storage locations.
This step too is more technical. However, as you grow your business you need to be aware of the best practices when it comes to keeping your online doors open and building customer trust.
Step 6: Block known attacks
There are all kinds of attacks that systems go through. We have to block thousands of them at Robojuice. However, we have an edge. We know the most common ways systems are compromised. Because we know what will likely happen we can prepare and build walls to reduce the number of breaches.
Commonly, sites will use IP banning, honeypots, and brute force attack blocking as walls to prevent failure and loss of service due to an attack.
When we launch a site we make sure the wall is too high to climb for these types of attacks.
Step 7: Optimize for increasing traffic
The last step to take is the most complicated. Only a few companies really know how to develop systems that can handle a lot of traffic. There are many techniques for building sites that will continue working smoothly under heavy loads.
The easiest step is to use a CDN or service like Cloudflare. However, not every site will fit into these easy to set up systems. Some sites need more. Consider having some level of load balancing with high availability if you do not fit in a box.
Be Ready
Like with all things in life, it is best to be proactive as much as possible. Do not make your eCommerce site the exception to that rule. Work a plan and be ready for failure.
At Robojuice we make and work plans for eCommerce teams so they do not have to worry about the web and can simply put it to work. Connect with us today and we will guide you through the planning process.