Staying online is the best present you can give your business this holiday season

Here are a few data management and security tips and considerations for IT teams supporting online retailers, to ensure an online business stays available during the whole holiday season.

The retail industry continues to be radically reshaped by the shift to e-commerce, driven by digitisation, with a growing number of online ‘pure play’ retailers emerging and ‘bricks and mortar’ retailers prioritising online operations. Prior to the pandemic, the biggest impact of e-commerce on the industry was the expansion of the traditional six weeks sales period of the Christmas and January sales, to encompass ‘Cyber Monday’ and ‘Black Friday’, forming a sixty day or more sales period that makes or breaks retailers.

Fast forward to today, after almost 18 months of adapting to the challenges posed by the pandemic and retailers’ accelerating their digital transformation efforts, and e-commerce is currently the dominant method of retail business throughout Asia-Pacific. In fact, Singapore’s e-commerce market is projected to reach USD$3.19 billion in revenue by the end of this year, and grow to over USD$4.6 billion by 2025 (Statista).

While this acceleration of digitisation and e-commerce uptake is no revelation, the importance of the IT infrastructure and systems as the backbone of e-commerce is often undervalued, as is the necessary focus on governing and protecting the data it generates. Consider the depth and breadth of the IT software or systems that power e-commerce, and the data that is generated in every online interaction. Imagine the amount of data being collected through every marketing activity, as brands look to engage those sitting anywhere from the ‘Consideration’ to ‘Purchasing’ phase. For retailers, like any business, this means the challenge of governing and protecting their data is intensifying. Implementing the right data management approach before the peak retail season begins is vital. The last thing retailers need after a tough 18 months is to be hit with a lack of data availability, or worse, fall victim to an orchestrated cyber attack.

With so much at stake for retailers this holiday season, data resilience and vigilance is fundamental because whenever money is exchanged there is a risk of crime. This holiday season, retailers’ IT systems will be tested in a number of ways, which means ensuring appropriate capacity is in place to support these unusually high demands and growing order volumes. Simultaneously, retailers must also manage the risk of cyberattacks, such as ransomware and distributed denial of service (DDoS) attacks that bring online operations and trade to a halt, resulting in loss of sales and often irreparable damage to trust in their brand.

Here are a few data management and security tips and considerations for IT teams supporting online retailers, to ensure an online business stays available during the whole holiday season:

Got What It Takes?: In order to determine what potential peak loads are for your servers, remove the guesswork by using archive data to compare and contrast your capacity needs, and given the statistics quoted above, plan for a significant uptick beyond what you’ve seen before. If accessing this archive data or understanding your data is a challenging task, now is the time to consider and deploy next-gen data management solutions.

Real-time monitoring: Preparing yourself in advance is obvious, but do you have a simple way of being alerted on your mobile phone to issues in your backup and virtual environments when it matters, especially with teams operating remotely? Are you confident you can avoid downtime and meet your Service Level Agreements (SLAs)? Not only does this speed up troubleshooting of issues and diagnosis of root causes, it can enable your team to manage a potential cyber-attack before malware can be deployed and data taken ransom.

Ditch Legacy Thinking: Your service levels from the legacy world simply do not cut it in the digital economy. Legacy IT still deals in data recovery SLAs that are in hours or days. Madness. You can now recover in an instant or at worst a matter of minutes. Given the amount of money at stake, and for many businesses their future existence, during the busy periods of Black Friday, Cyber Monday, Christmas, and January sales, can you afford to be offline for hours at a time?

Test and Test again: Sure you may have a backup schedule, but that’s just not enough. You need to ask some serious questions. For example, have you implemented the 3-2-1 approach to provide great confidence in the backup data you have stored? How long does it take to recover the backup? Do you have the ability to restore a certain file individually, or do you need to do a full restore? How long does that take? How often do you test your backups to ensure they work? How many of your backups would fail? Asking these questions now is vital because when a disaster strikes, whether from nature or technology related events, you do not want your data compromised and your e-commerce operations brought to a standstill.

Be Proactive in Your Defence: Find and isolate security scams posing as your brand and lockdown any compromised online accounts before they cause irreparable damage. Look beyond conventional perimeter security (thorough checks for all attempts to connect to corporate resources from outside the infrastructure), locking down social media and other online endpoints. Now is the time to consider and implement multifactor authentication protocols.

Criminals Don’t Stop at 5.00pm, Neither Should You: For national or multinational-scale businesses, a threat intelligence or security operations team should be created, and well resourced. The aim is for 24/7 monitoring of the web to increase the chances of finding fake websites or other assets disguised as your brand. It’s worth building a small cross-functional ‘tiger team’ to keep an eye on the dark web too, as this is often where criminals sell stolen information and assets.

Communicate to Customers: Ahead of the festive period explain to customers some of the threats they and you may face from cybercriminals. PwC’s Global Consumer Insights Survey highlights that South East Asian consumers’ purchase behaviours are driven by a combination of trust and ease of obtaining the goods they seek, which means retailers need to work hard to build trust beyond simply promoting the conveniences of online shopping. Educate customers and employees alike on how to spot social engineering scams like emails with poor spelling and grammar. Also emails and texts or social media accounts asking for confidential information. Remind them of your security and privacy procedures. Be clear and explain to customers what you’re doing to tackle these threats and what they can do to be safer when shopping online. This level of thought and transparency will build trust in your brand.

Stay Online and Business Ready: One of the attack types commonly used during holiday seasons is distributed denial of service (DDoS). This is when a criminal bombards your servers with requests until your servers and systems slow to a crawl or crash. For major businesses, it could be ruthless competitors, a state-sponsored hacker from a foreign market, or even political activists that may use this tactic. Why do they do it?  If they can damage your business finances and reputation, that’s a win for them and offers them a chance to take your customers. To protect your online store from being taken offline this holiday season, ensure DDoS protection is part of your security make-up.

The second holiday sales season of this pandemic era is going to be difficult, with significant IT and cybersecurity challenges to manage. Meeting these challenges by implementing strategic technology-based data governance and protection will make the season more profitable for your business and safer for your customers. If you follow these tips to maintain honesty, transparency and communicate proactively with your customers, you will strengthen your digital proposition. Check you have the right data management and security protocols in place, and hopefully you can enjoy a bumper holiday season of sales.