Is Your Online Security Fit for the Online Consumer?
By Bob Tarzey
There are few businesses that are not dependent to some extent on their online presence. Websites are no longer simply a source of information, but a place to transact with customers.
Often this will mean dealing with regulated personal and financial data and a commensurate investment in security is required. Those that fail to do may lose the trust of customers and face penalties from regulators.
Dealing with consumers is problematic not just because they expect web sites to perform well and be highly available but because of how transactions are competed.
Payments are usually taken using on the spot payment cards or services, bringing many consumer-facing organizations in to the scope of the Payment Card Industry Data Security Standard (PCI DSS) and other data protection regulations. B2B transactions on the other hand, will often have delayed payment covered by lines of credit.
New Quocirca research shows how the consumer-facing majority (77%) and non-consumer-facing minority (23%) differ in their approach to securing their online presence. The free research report, which is called Online Domain Maturity, was sponsored by Neustar, a supplier of online security and monitoring services.
Consumer-facing businesses are almost twice as likely to be increasing the budget dedicated to securing and managing online resources compared to those that only deal with other businesses.
This extra investment is often focussed on state of the art security. Consumer-facing businesses are more likely to have in place distributed denial of service (DDoS) protection, fraud detection, security information and event management (SIEM) and advanced threat protection. Their non-consumer-facing counter parts still rely on older technologies such as host-based anti-malware and intrusion detection systems (IDS).
Consumer-facing organizations are less likely to rely on in-house skills to achieve their goals. They are more likely to outsource both security and infrastructure leaving them free to focus on the customer experience and transaction closure rates. In almost all areas of security, consumer-facing organizations are more likely to use on-demand services.
This is also true for content delivery networks (CDN) and domain name services (DNS) as well as for the overall hosting web sites and online applications. Better security than many organizations are able to achieve in-house is high on the list of cited benefits of on-demand services.
The internet is now embedded in so many business processes that the choice is how well a given business secures and manages its online presence rather than whether it has an online presence in the first place.
Dealing with consumers raises the biggest challenges and consumer-facing organizations are rising to these through investment and successful partnering with on-demand security and infrastructure service providers.
That is not to say all consumer-facing organizations have got it right, many still have room for improvement; the laggards need to learn from the leaders. Organizations whose primary focus is B2B certainly need to shake off their complacency.
As more and more digital natives enter the work place they will bring their consumer expectations and habits with them. They will expect to be able to find the resources they need online with the security and performance to match. Whether they are transacting for business and personal reasons, a top class online experience is expected by consumers. Businesses that fail to deliver this do not have a long term future.
Quocirca’s report, sponsored by Neustar, is free for Security Current readers to download here.