Retailers behind security 8-ball: survey

Canadian retailers’ concerns around security threats and online transaction fraud are rising, yet few have taken concrete steps towards alleviating those fears, according to a new study released Thursday.

Ipsos-Reid surveyed 500 retail executives in November 2004 and found one of their biggest concerns was loss and misuse of customer credit card information. Seventy five per cent saw this as a significant security threat to their businesses and customers.

“A lot of retailers and some other data storage companies in the U.S. have kept this data on servers that haven’t been protected and they’ve lost that data,” said Anthony Santilli vice-president of marketing for Soltrus Inc., a Toronto-based IT security and digital trust services firm. He cited external hacking and internal theft as two of the main reasons why this data disappears.

While concern about online commerce security breaches is growing, many tools deployed by retailers to prevent such incidents are “basic,” according to a Soltrus release on the survey.

Eighty seven per cent of respondents identified user names and passwords as their leading form of online security; firewalls and VPN solutions were employed by 64 per cent of the respondents; and 51 per cent reported using PIN numbers and static and/or dynamic passwords.

More advanced methods of defence were not deployed nearly as often. The survey found that only 20 per cent of responding merchants used disk and file encryption software; just 18 per cent used identity management software; and only 14 per cent had deployed managed public key infrastructure (MPKI) and digital certificate authority systems.

“What the business has to do…is make sure they take the proper steps to secure the data on their site,” said Santilli. “Where is that data being secured? Because the transaction can be secured but if [retailers] aren’t safely or securely storing that information on their servers, there is an alternate weak point.”

Ipsos-Reid surveyed various sizes of retailers across the country, but Santilli said that some of the biggest security problems are seen in the smaller shops.

“When we look at medium to small retailers, we’re looking at a couple of constraints: budget constraints, the understanding about security, perhaps they don’t have the staff to do the appropriate due diligence on their e-commerce infrastructure,” he said. “That is a segment of the market that lags behind large enterprises and might be vulnerable to attack, to fraud and to leaks of information if they don’t plan appropriately for their security.”

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now