LeanSwift eCommerce: Security & Compliance

With the growth of eCommerce businesses, online transactions have become an integral part of our lives, even more so during COVID-19. This is also due to the growing acceptance of eCommerce as a convenient alternative to brick-and-mortar stores.

All eCommerce sites are attractive targets for hackers because of the large amount of personal and payment information stored on the site. eCommerce websites hold a lot of data about their customers, and that makes business owners (small or large) a target. According to a 2018–19 Global Information Security Survey from EY, “customer information is the number one most valuable data category for attackers. Coming in at number five are customer passwords”.

It’s crucial for hosting providers and system integrators, such as ourselves, to maintain a secure environment at all times for our customers.

Certain best practices can be implemented to safeguard the integrity of your online store, and LeanSwift is here to help keep your online store hosted and maintained in a secure environment, along with a robust plan of action in the event that a security breach occurs.

How Can LeanSwift Improve the Security of Your Magento Installation?

LeanSwift certified consultants (system integrators) adhere strictly to the software development life cycle in accordance with industry standards such as the Open Web Application Security Project (OWASP). They continuously test for security issues and stay up to date on eCommerce security and compliance best practices, including the following (not all are listed):

Server Environment

  • Magento includes .htaccess files to protect system files when using the Apache web server. 
  • Limiting access to the cron.php file to only required users
  • Using secure communications protocols (SSH/SFTP/HTTPS) to manage files, and disabling FTP
  • Using a unique, custom Admin URL instead of the default “admin” or the often-used “backend.” Although it will not directly protect your site from a determined attacker, it can reduce exposure to scripts that try to break into every Magento site.

Server Applications

  • Keeping software up to date and applying patches when needed
  • Avoiding running other software on the same Magento server
  • Using the latest version of Magento to ensure that your installation includes the most recent security enhancements
  • Using the correct file permissions. Core Magento and directory files should be set to read-only, including app/etc/local.xml files.
  • Ensuring the server and database are automatically backed up to an external location. A typical setup requires daily incremental backups, with a full backup on a weekly basis.
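
The file-level items in the two lists above (read-only configuration and core files, .htaccess protection, restricted cron.php) can be checked mechanically. The script below is an added example, not LeanSwift's or Magento's own tooling. It assumes a Magento 1 style layout; the function names, the finding labels, the app/code, app/.htaccess and var/.htaccess paths, and the cron.php rule heuristic are assumptions of this example.

```sh
#!/bin/sh
# Added example: audit a Magento 1 style tree for the file-level items above.
# Paths other than app/etc/local.xml and cron.php are assumptions.

# Print each regular file under $1 that has any write bit set.
writable() {
    find "$1" -type f \( -perm -200 -o -perm -020 -o -perm -002 \) -print 2>/dev/null
}

# audit_magento ROOT: prints one finding per line, returns 1 if any were found.
audit_magento() {
    root=$1
    findings=$(
        # Configuration holding database credentials should be read-only.
        if [ -n "$(writable "$root/app/etc/local.xml")" ]; then
            echo "WRITABLE-CONFIG $root/app/etc/local.xml"
        fi
        # Core code should be read-only once deployed.
        writable "$root/app/code" | sed 's/^/WRITABLE-CORE /'
        # Apache only protects these directories while their .htaccess exists.
        for d in app var; do
            if [ -d "$root/$d" ] && [ ! -f "$root/$d/.htaccess" ]; then
                echo "NO-HTACCESS $root/$d"
            fi
        done
        # Heuristic: an access rule in the root .htaccess should name cron.php.
        if [ -f "$root/cron.php" ] && ! grep -qs 'cron\.php' "$root/.htaccess"; then
            echo "CRON-UNRESTRICTED $root/cron.php"
        fi
    )
    if [ -z "$findings" ]; then return 0; fi
    printf '%s\n' "$findings"
    return 1
}

# Constructed sample tree with every problem present (not a real install).
make_sample_tree() {
    t=$(mktemp -d)
    mkdir -p "$t/app/etc" "$t/app/code/core" "$t/var"
    echo '<config/>' > "$t/app/etc/local.xml"
    echo '<?php' > "$t/app/code/core/Sample.php"
    echo '<?php' > "$t/cron.php"
    chmod 664 "$t/app/etc/local.xml" "$t/app/code/core/Sample.php"
    echo "$t"
}

# Run against the sample; point audit_magento at a real document root instead.
audit_magento "$(make_sample_tree)" || true
```

The cron.php check only confirms that some rule mentions the file; whether that rule actually limits access to the required users still has to be reviewed by hand.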

 

Don’t leave your data security to chance. Contact us today to learn more about protecting your most vital data!
