B2B buyers typically access and share more information than consumers do when making online purchases. That makes it even more important for B2B sellers to ensure their ecommerce data is secure, writes Arno Ham of Sana Commerce.

Arno Ham

Arno Ham

Cyber attacks and security breaches can be incredibly costly, inconvenient, and require a significant amount of time and resource to counteract if you don’t have the right measures in place. But guarding the data of your business and customers isn’t just a safeguard against lost revenue; it’s also key to establishing trust among your customers and prospects. Breaking or losing that trust can be incredibly damaging to your business, sales and wider brand reputation.

However, selling online doesn’t need to be a risky endeavor. Here are some key ways to strengthen the security of your ecommerce platform to deliver the safe and reliable online shopping experience your customers expect.

1. Open source vs. closed source 

One of the first things to consider when purchasing new ecommerce software is whether you want a solution based on open source or closed source code. Closed-source software has all rights retained by its developers and/or distributors, making it easier for the company to control the development environment. Yet, this doesn’t necessarily mean that closed source code is always safer—it simply comes down to the quality of the developers.

Open-source code is created by an open community of developers, meaning there are no restrictions as to who can use, examine or change the code. While this means that the code is checked more regularly (so vulnerabilities are usually discovered quickly and more often) this also means that the source code could be easily accessed by cybercriminals or others with harmful motives. And if they manage to break in, they can access a whole host of unprotected information. It’s important to consider the pros and cons and weigh up your options to find the best fit for you.


2. Use a VPN as the route into ERP

B2B buyers typically require access to more information to make purchases than consumers; as well as access to extensive product information, they need insight into real-time inventory levels and access to the same customer-specific pricing they’d get if they were calling your sales representatives directly. This information is already stored in your enterprise resource planning system, or ERP, and by integrating it with your webstore, you can share real-time information and open up possibilities for a personalized online buying experience. However, the security of this connection is paramount. Setting up a Virtual Private Network, or VPN, between your ecommerce platform and ERP helps to keep the connection secure and data confidential, as any data sent via this method is encrypted, and intercepted data is undecipherable without the encryption key.

3. Failover systems 

Once you’ve worked hard to build up strong client relationships, you don’t want these to be eroded by unreliable service. Protect your presence with a failover system that lets you switch to previous backups of systems and data should your primary webstore environment become unavailable. A failover system with one or more of these ‘redundant’ installations means that in the event of a power outage, technical server problem, or other issues, your clients won’t be cut off.

4. Ensure your vendor is security compliant 

With so much choice on the market, a good way to narrow down your options is to weigh up the security offerings and compliancy of different vendors. Here are a few things to look for;

♦ Ensure that your ecommerce vendor has its security evaluated, tested and certified by its partners.

♦ Your vendor should conduct thorough security audits on a monthly basis.


♦ Check that the vendor doesn’t store payment details—these should always remain with the payment service provider, or PSP.

♦ Involvement with the Open Web Applications Security Project (OWASP). This is an open-source project, where individuals and organizations share information and techniques to identify unsafe software. This is a good sign that your vendor is constantly working to develop its knowledge and immunity to security issues.

5. Consider SaaS to ensure regular security updates

SaaS means you’ll have automated ecommerce updates and the latest security fixes, meaning your installation will always be protected against vulnerabilities like downtime, data loss, and hacks. As well as offering the most advanced version of your webstore possible, you can enjoy the extra peace of mind that you’re providing a reliable, safe and secure experience for your customers.

Arno Ham is chief product officer at Sana Commerce, a provider of e-commerce software, where he has led B2B e-commerce technology projects for such companies as Heineken, AkzoNobel and PostNL. Follow him on Twitter @arnoham and on LinkedIn.