Taking business online is becoming more and more common, as customers continue to source their shopping for the Internet. From the point of view of your online business, this convenience for customers is critical. However, operating your business online comes with its own set of risks, leaving both you and your customers vulnerable. Just like you would take steps to protect your physical storefront against a break-in, you need to implement preventative measures against hackers and cyber-attacks. This article will explain your obligations as a business to make sure your customers are secure when they use your online services and provide some tips for securing your online business.

Obligations To Your Customers

If your business deals with customers’ personal information, then this means that you have to comply with NZ privacy law. Personal information includes:

  • full names;
  • photos;
  • physical addresses;
  • email addresses; and
  • payment details.

If customers or clients provide you with this information, you have to protect it against possible data breaches. You also have to notify customers that you are dealing with their private information, which you would usually set out in a privacy policy. You need to let customers know how you deal with their data, including how you:

  • collect;
  • store; and
  • use their information.

If you find that your business has been the victim of a cyber-attack and there is the risk of a privacy breach, you have to let the Privacy Commissioner know as soon as possible. 

Tip: Make sure that someone at your business is your allocated Privacy Officer. This person deals with privacy concerns at your business and ensures your business deals with private customer information appropriately.

To comply with your privacy obligations and secure your business, here are some tips for protecting your business’s online presence:

1. Protect Your Data

First, you need to ensure that you adequately protect your business’s databases or website that stores customer information. You can do this by encrypting data as you collect it, and when you store it as well. This means that only someone with the key can read this data. Some cloud storage services will offer encryption options, or you can find free software that lets you do it yourself.

Tip: Do not let your updates back up. System software updates fix bugs and implement new patches that will keep your data secure. This will assist in keeping things running smoothly.

2. Choose Strong Passwords

One of the most common weaknesses that cyberattacks exploits are weak or stolen passwords. Weak passwords are often: 

  • too simple or short;
  • used across many devices; or
  • the default system password.

Make sure your password is strong, with numbers and capital letters, and not easily guessable.

Many businesses use ‘passphrases’ such as ‘ICanSell300ShoesToday’ that are easy to remember.

It is also a good idea to use two-factor authentication, which means that anyone that logs into your systems needs to provide a secondary piece of information after the password for additional verification. This could be a work phone number or an additional question.

3. Check Your Website Security

A simple way to make sure your website is secure for your customers is to enable HTTPS. This means that your website’s security certificate is safe, and you are who you say you are. When customers give you their data online via HTTPS, then that data is encrypted, and no one else can see it.

Additionally, update your website security certificate regularly, and keep track of when your domain name expires. Scammers will often take advantage of expired domain names and sell fake goods or services under that business’s name.

4. Secure Your Devices

Ensure that any devices you use for your business (such as mobiles or computers) are secure. This can mean:

  • using a VPN;
  • installing antivirus software; and
  • setting up a firewall.

Make sure your device’s software is up to date, and install new patches as they come. Keeping your devices secure means that you can prevent malware downloads and avoid viruses.

5. Have a Secure Payment Method

If your business processes customers’ financial transactions online, it is crucial that you protect their details with a secure payment method. Both you and your customers could face financial and legal trouble if attackers got a hold of this sensitive information. 

Further, make sure your selected payment method complies with appropriate industry standards. Many off-the-shelf e-commerce platforms, like Shopify or Squarespace, provide safe payment methods that are well-tested and secure.

6. Educate Your Employees

If everyone across your business is aware of cybersecurity risk, you can significantly reduce the likelihood of a data breach occurring. Ensure your employees know what suspicious transactions or log-ins look like so that they do not advertently give attackers sensitive information.

Key Takeaways

Online security for your business is just as important as protecting your physical premises. Moreso, if you solely conduct business online. If you deal with personal information, then you need to make sure that you protect that information. This means taking steps to secure your business’s online data, such as encrypting your data and making sure your business uses strong passwords. If you would like more information or help with your business’s online presence, contact LegalVision’s New Zealand online business lawyers on 0800 005 570 or fill out the form on this page.

FAQs

How do I protect my business online?

There are multiple steps you can take to protect your business online. This includes encrypting your data, setting up a firewall, having strong passwords and restricting access to sensitive business information.

What does HTTPS mean?

HTTPS stands for “Hypertext Transfer Protocol Secure”. When a website has this as part of their URL, this means that the website is authenticated and protected against cyber attacks. When data passes through this site, it is encrypted and prevents third-party tampering.

What is data encryption?

Data encryption is a way of protecting your data and making sure unauthorised third parties cannot read it. Information is encoded, and only someone with the correct encryption key can access it.

Does my small business need a firewall?

If your small business has an online presence, you should put a firewall in place. Most devices may already have one set up, but you should check and make sure. If you rely on your online business, one cyber attack could cause you a lot of hassle. Implementing preventative measures can avoid trouble in the future.

RSVP for our March 18 webinar: How to Franchise Your Business
If you own or operate a successful business and are looking for an avenue for rapid growth, franchising can be a great way to achieve that goal. LegalVision is hosting a free webinar to help business owners looking to expand into a franchise network. Register for free now.

About LegalVision: LegalVision is a tech-driven, full-service commercial law firm that uses technology to deliver a faster, better quality and more cost-effective client experience.

The majority of our clients are LVConnect members. By becoming a member, you can stay ahead of legal issues while staying on top of costs. From just $99 per week, get all your contracts sorted, trade marks registered and questions answered by experienced business lawyers.

Learn more about LVConnect

Need Legal Help? Get a Free Fixed-Fee Quote

If you would like to receive a free fixed-fee quote or get in touch with our team, fill out the form below.

Our Awards
  • 2019 Top 25 Startups - LinkedIn 2019 Top 25 Startups - LinkedIn
  • 2020 Excellence in Technology & Innovation – Finalist – Australasian Law Awards 2020 Excellence in Technology & Innovation Finalist – Australasian Law Awards
  • 2020 Employer of Choice – Winner – Australasian Lawyer 2020 Employer of Choice Winner – Australasian Lawyer
  • 2020 Fastest Growing Law Firm - Financial Times APAC 500 2020 Fastest Growing Law Firm - Financial Times APAC 500
  • 2020 Law Firm of the Year Finalist - Australasian Law Awards 2020 Law Firm of the Year Finalist - Australasian Law Awards
  • Most Innovative Law Firm - 2019 Australasian Lawyer 2019 Most Innovative Firm - Australasian Lawyer