Category Archives: eCommerce

Web Security Essentials

Web Security Essentials

As we transition into the New Year, one of the biggest stories of 2014 – major corporations being hacked into – only seems to grow more prevalent. First it was Target then Home Depot and then a host of others, including restaurants, banks and even parking lot companies. This “first wave” of major hacking incidents were primarily financially motivated. The hackers were stealing credit card and personal information to sell or use on the black market. The cost to these major corporations to repair the damage runs in the tens of millions of dollars, not to mention the lost customer support and goodwill that these major brands have spent years trying to build.

The level of attacks has taken on a new dimension in two of the first of their kind – the lesser reported hack and subsequent wiping of entire computer systems at the Sands Casino and, perhaps most famously (or infamously) the attack on Sony Pictures for producing and releasing the movie “The Interview.” These attacks were radically different in that they were designed specifically to cause as much damage to the companies as possible, and not just to gain personal information or credit card numbers.

The attack on Target illustrates the need for all companies, both large and small, to implement strong web security policies. In the Target attack, hackers made their way into internal systems via an air conditioning/HVAC subcontractor. One of the most common ways for hackers to attack any system is to find the proverbial “weakest link” and exploit it to gain access to more secure systems. Thus, we at Shift One Labs wanted to provide some helpful tips and preventive measures that all companies – from the world’s largest corporations to individual business owners – should take to help create a secure, online environment for their customers, clients and vendors.

  • Strong Passwords: Creating strong passwords, much like flossing, is something that we all know we need to do but don’t actually do often enough. Creating a strong password might make it more difficult to remember, so you may want to use a password manager program to help keep them all straight.
  • Web Security: Talk to your web development company about security. If you run an e-commerce site, this is of vital importance since it is your customers’ credit card and personal information that is at the greatest risk. Make sure they are using secure, well known e-commerce solutions such as Magento or osCommerce. If they don’t provide detailed information about the steps they take to help build and host secure sites, come talk to us.
  • Use Open Source: Open source solutions offer users increased security compared to closed systems. Open source allows anyone to look into the underlying code that the software and applications are built on. Much the same way it’s a risk to buy a new house without a proper inspection, it’s difficult to truly access the effectiveness of a given program if you can’t see how it works.
  • Web Hosting: Look into the specifics of your web hosting company. What are their qualifications? What security implementations do they have in place? What level of support will they provide during a potential problem? Shift One Labs not only provides web application development – we also have website hosting capabilities.
  • Update Software: Updating the software on your computer – particularly the operating system – goes a long way towards helping prevent potential problems.
  • Offsite Backup: Creating on offsite backup of your most important data should be a core component of your IT system. Sites such as Crash Plan are designed to be easy to use and allow to you back up to a home or other trusted computer as well as the cloud.

If you have any questions about web security or the steps you can take now to help reduce the risk of a potential incident destroying your business, please reach out to us. For now, we need to go find some floss.

The Weblog Blog

Creating a name for a blog, much like a company (to say nothing of naming a child), carries with it a great deal of weight. For a new blog, the name should indicate the key topics that it will discuss (such as web development and e-commerce for example), and, hopefully, add a bit of personality as well. At Shift One Labs, we are big fans of Arrested Development and in honor of the Bob Loblaw Law Blog we’ve decided to name our blog the “Weblog Blog.” Much like our namesake we take our job very seriously, and much like the Arrested Development series itself, we try to find the humor in any situation.

While ubiquitous today, blogging is a relativity recent development. Just a decade ago the word was so new that it was named the “Word of the Year” by Merriam-Webster. The term “blog” is actually an abbreviation of the term “weblog” which itself is a combination of two terms: “world wide web” and “log.” Log, in this sense, meaning a list of activities that have taken place. The earliest blogs were, often times, simply a sequential list of updates to a website, in some cases to help users find particular pages or information that may have moved. At the same time, with the rise of personal web publishing tools (many of which allowed users to create websites without in-depth knowledge of HTML) combined with greater access to the internet led to a boom in personal web publishing – the “online diary” that is still very common on sites such as Tumblr.

Blogging today has grown and expanded far beyond its humble origins. Today, there are hundreds of blogging and CMS platforms to choose from. Key players in the industry include WordPress, Joomla! and Drupal. Each has its own particular set of features. Determining exactly which system is best for your business depends on a variety of factors as well as your long-term goals. At Shift One Labs we have extensive experience assisting clients with these types of decisions, whether you are in the process of implementing a large-scale CMS system or simply creating a humble law blog. No matter your goals, we can help make them a reality.

With the rise of social media, some have wondered if blogging is still a viable option to help increase brand visibility. There is a very easy way to test this – the next time you search on Google, see how often a specific tweet or Facebook post appears in the results. Most likely, they will be ranked below websites and blog posts on the same topic. While social media should certainly be part of your online presence, a well-written, regularly updated blog is one of the best ways to communicate with current and potential customers and allows for a more expansive forum to discuss your brand and value proposition. We’d love to help you build the perfect platform to help expand your business, and if you need a good lawyer, we can help you there too.