How to prepare for Black Friday – from downtime to security

null

Black Friday is almost upon us and the weekend sales are set to see thousands of shoppers surf the web, and hit the shops, to grab the latest deals in the run up to Christmas. However, each year we see websites crash due to the influx of requests. Already, we have seen Debenhams fall victim to this, with online shoppers struggling to gain access as its site crashed earlier this week.

Gary Watson, founder and CTO at Nexsan comments, “Black Friday is a critical day for retailers, with many set to take in double if not triple their usual sales. However, this does place greater pressure on IT infrastructure to be able to deliver. With growing numbers of sales and spikes in traffic, some systems could run into downtime if organisations are not prepared. When we think of Black Friday, many people think of ensuring there are plenty of staff in place, but it’s also important to ensure your IT environment can keep business operations running, especially with more people hitting the web. Ensuring IT can eliminate performance and management bottlenecks will help to keep processes running smoothly. However, it’s also critical to ensure systems can get back up and running in case of downtime. During one of the busiest shopping days of the year, every minute of downtime for retailers will be costly. However, Black Friday is also one of the days we hear reports of slow websites and glitches due to the high demand of bargain hunters.”

Jake Madders, Director at Hyve Managed Hosting also addresses business downtime and looks at how organisations can limit the impact. Madders commented, "Black Friday is one of the most important days in the calendar for any online retailer. If your site goes down, you’re losing money. Your web host must be able to seamlessly scale according to demand. This is the main benefit of cloud hosting, because it means that your website will cope with whatever traffic is hitting it. Due to the cloud pricing model being based on usage, it means you’ll only pay for resources you use. Utilising a cloud hosting provider means that you can easily cope with Black Friday traffic without having to pay for bandwidth and other resources that you won't need for the rest of the year. It’s also essential to check the SLA your web host offers. If something does go wrong on Black Friday, how quickly do they guarantee they’ll bring you back up? Make sure your web host can scale to demand, allow you to reduce back after the event, and will quickly fix any problems for you.”

Mind the apps

Phil Barden, Senior Business Development Director at Six Degrees, believes technology is the driving force to overcome these challenges. Barden explains, "As with most other industries, technology has become a driving force in the success of retailers, but with this dependency can come the opportunity for unplanned disruptions on websites and apps where shoppers now prefer to do most of their purchasing. This shift in focus to online shopping puts the spotlight on IT departments to provide reliable, secure platforms and infrastructure to not only support business goals, but also ensure customers can complete purchases at any time of the day or night. This need for constant availably is greatly magnified during the holiday shopping season that kicks off with Black Friday. In a recent survey, conducted by Martec International, more than 90 per cent of retailers stated that loss of sales or inability to trade are the biggest business risks in the event of critical application failure or downtime.”

“This focus has made IT teams a critical part of the plans that retailers make in preparing for the holiday shopping season. One way that retailers can minimise the risk of downtime impacting their year ending sales is by leaning on managed service providers to deliver the flexibility, scalability and agility that online sales platforms require to manage sudden bursts of activity. A service provider can also be on hand to provide expert support to prevent downtime from impacting business revenues, which could prove to be crippling during the busiest time of the year.”

Alongside downtime, Black Friday also poses security risks that need to be taken into consideration. Thomas Fischer, Global Security Advocate at Digital Guardian noted, “Recently, security researchers from Risk IQ found that one in every 25 Black Friday themed apps currently available in app stores are malicious. With this sort of fraudulent activity on the rise, retailers need to monitor their online presence to ensure that attackers are not attempting to impersonate the brand to get sensitive customer data directly from the customer. Consumers are especially vulnerable around Black Friday and fraudsters will do everything they can to make scams successful. In response, retailers can begin by asking customers to remain vigilant and proactively report any suspicious activity associated with the brand. This might include fake websites and apps, phishing emails or fake promotional text messages. When it comes to fraud, transparency is key in building a trusted relationship between retailer and customer.”

“In the Black Friday rush, retailers' e-commerce platforms themselves are also likely to be a target for data leakage or theft. For example, an attacker could attempt to intercept communications between the customer and the application. This is commonly referred to as a man-in-the-middle attack and means that anything the customer sends to the retail website can be viewed, intercepted and changed by the attacker. In response to this, retailers must ensure that their online presence, website or portal has been suitably secured.”

Supply chain security

“One of the most important safeguards for doing this is backend storage encryption. This means that if data is accessed or stolen, it is not readable. One example of this is using a process called pseudononymisation to encrypt the data. E-commerce sites should also utilise encryption techniques when transmitting customer data across the Internet, for example when a customer registers with the retailer, or when the retailer shares customer data with partners or subcontractors.” 

 “This year’s attack on Debenhams also highlights the importance of supply chain security in safeguarding customer data, especially for retailers that work with lots of different third parties. Retailers should regularly investigate all partners who have access to customer data to understand exactly who has access and how any given partner's security stacks up against the retailer's own data protection policies. Not only should the retailer continually review and monitor its own security posture and technologies, but it should also have a framework for continually monitoring third parties. This will help ensure that the retailer is not the focal point of someone else’s mistakes." 

Image source: Shutterstock/MIKHAIL GRACHIKOV