By Mike Potter, Rewind
While 2020 was challenging for most, one silver lining for retail was the explosion of online shopping. Ecommerce had already been growing by leaps and bounds over the past five years, but the global pandemic created an entirely new set of consumers. Over the holiday season in the United States alone, online sales grew 32.2% from 2019. The common consensus across the industry is that these numbers will only grow as buying online becomes routine.
The increased opportunity also means an increase in risks. Traditional retailers are embracing the cloud at an accelerated pace, while veteran eCommerce merchants are continually adding new SaaS and cloud tools to fine-tune their business. All retailers need to understand how all this data they are creating is vulnerable, as well as how they can protect it. This is the ultimate retailer resolution for 2021.
As more businesses embrace the cloud, so do criminals. Cyberattacks are nothing new, but they are becoming more complex and more frequent. Last year, the clothing retailer Bonobos suffered a massive data breach, so did Barnes & Noble. In fact, the international police organization Interpol saw a dramatic rise in the number of cyberattacks last summer. They anticipate that the number of attacks will only go up. This means you (and your employees) could likely face instances of phishing, malware, and ransomware attacks.
The reality is that from the entire list of threats, cyberattacks are just the tip of the iceberg. Our 2020 Report: When The Store Goes Down found that human error and third-party integrations were larger threats to data loss than malicious attacks. Any business, not just online retailers, typically has many people accessing software. These can be both in-house staff or outside contractors doing one-off projects. It’s inevitable that at some point, someone will make a mistake and accidentally delete something permanently.
The same can be said for all the apps and additional software tools you connect. If you have never read the terms and conditions of each one, you may be in for an eye-opening surprise. Many SaaS tools can manipulate, change, or erase your data. Unfortunately, getting it back may not be possible.
Safeguarding Cloud Data Is A Shared Responsibility
The “Shared Responsibility Model'' is a critical, yet not well-known, aspect of cloud computing. Essentially, you as the customer of either Shopify, BigCommerce, or whichever SaaS tool you employ, are on the hook for guaranteeing that your data is protected and backed up. The company selling you access to its platform only guarantees that the software will work as intended. It does not guarantee that your data will be there the next time you log in.
It’s usually a sobering realization among online retailers. It’s also a concerning one, as a recent study by KPMG found that 75% of cloud users have previously lost data. And the impact of vital data loss is significant for online retailers. We have seen merchants take days, sometimes weeks, to rebuild stores, and during that time, there is typically a nosedive in online sales. The good news is that there are some steps and best practices you can implement to mitigate all this risk.
Improve Access Restrictions
The two best ways to approach this is by ensuring everyone who accesses your software has a unique password and is using two-factor authentication (2FA) every time they log in. Having a hard-to-replicate password is common knowledge but rarely followed, so leveraging a password manager is critical. These programs can also set up 2FA if any of the SaaS tools you are using don’t enable it. In our company, 2FA is mandatory and set up for EVERY digital tool the company uses - even our social media accounts.
Restrict Access Based On Skill Sets
In other words, your customer service team does not need access to the back-end computer code that runs everything. It may sound silly, but what we have seen is that data loss due to human error is grounded in teams wanting to help and not bother others with “small tasks”. However, if vital data is deleted, this once menial task may now be anything but. So, to ensure people are not stepping into unknown territory, only provide access to tools (and the various sections of these tools) based on the roles and responsibilities of your employees. You should also do the same with any outside contractors.
Have A Backup Plan
We have found that the merchants who have a backup strategy typically use a laborious manual process. We don’t recommend this approach, but if you do follow it, then ensure all the information and content you need to rebuild a store is organized and saved in a separate cloud. Keep in mind that every time a change is made, all the information you have saved needs to be updated. For some stores, that means updating hundreds of CSV files and hours of work every week.
The better approach in our opinion is to utilize a Backup-as-a-Service (BaaS) tool. These applications can automatically restore your data with just a few keystrokes. You can build your own version, but it can be very costly and you will need to maintain the software over time. The other option is to find a BaaS app that plugs into your store. Just make sure you read the terms & conditions, the reviews, and anything else to conduct proper due diligence. As we outlined before, you give a lot of access to apps - so ensure it’s with a reputable company.
Less Risk; More Reward
Every online retailer we have spoken to has been waiting for the market environment we are seeing today with consumers embracing eCommerce at incredible levels for nearly all their daily needs - not just special purchases. So, don’t let data loss derail all the momentum and gains you have made the past year. Make your resolutions a reality. The tips we outlined above can be implemented in a few days, and they will drastically reduce the chances of your online business scrambling to rebuild, rather than scrambling to fill orders.
About The Author
Mike Potter is the co-founder and CEO of Rewind, a cloud data protection provider trusted by over 80,000 businesses to protect their data on platforms such as BigCommerce, Shopify, and QuickBooks. A veteran entrepreneur, Mike has over 25 years of experience building solutions for the software, cloud, and data analytics space, including tenures at Adobe and Mozilla. He earned his MBA from the University of Ottawa and his B.Eng in Mechanical Engineering from McMaster University. Mike currently resides in Ottawa, Canada.