Publishers of technology books, eBooks, and videos for creative people
The bulk of security-related advice is based upon preventing break-ins, hacks, and attacks, but responsible e-commerce developers and administrators know that it's just as important to have created an emergency plan well before trouble occurs. In this post, Larry Ullman talks about why an emergency plan is important and what, exactly, that means.
The first thing one has to do either immediately before or immediately after getting a driver's license or buying a car is acquire insurance. Why? Because at some point or another you're likely to need it. And when you do, being without insurance can be catastrophic. The same can be said when it comes to having an emergency plan for your e-commerce sites.
There are clear goals for an emergency plan:
The hardest, and most important of these goals, are the first two: identifying and fixing the cause of the problem. Actually, fixing the problem shouldn't be that hard, once you've found it, that is. If there's a hole in software you wrote, you should be able to close it. If there's a hole in some other server software, such as the Web server application, upgrading to the most recent version or applying a patch should take care of that. But how do you find the cause in the first place? The first part of your emergency plan, then, is to log all the key incoming traffic. By reviewing the logs, hopefully you can pinpoint the vulnerability. You may want to also use notifications for particular connections. For example, I normally have my servers email me when anyone logs in or connects via FTP. Knowing who accessed the computer when is invaluable with respect to your site's and server's security.
As for minimizing the fallout, let's start by dividing the possible calamities into two broad categories: those that are only bad for your site and those that are also bad for your site's customers. The latter is a much more serious concern than the former. If an intrusion could possibly mean access to your customer's data, the proper thing to do is to notify your customers of the potential risk (ASAP). While to some this sounds like a public relations nightmare, protecting your customers is more important. In particular, let customers know that if they use the same password in other places, they should change the password on those other sites. Also, the customers should watch their credit card bills (if that data might have been stored on your system) for fraudulent charges. Having a pre-written email that conveys all this, and having a pre-defined system for sending out such an email en masse, will save you valuable time after discovering the break.
As part of the emergency plan, you should also look into whatever laws might apply to your business. The state of California, for example, has rules in place for what an e-commerce site must do upon discovery of a security breach.
So there you have some quick, bare bones, but effective suggestions for how to go about creating an emergency plan. The most critical thing is that you're not pondering what to do in the case of a security breach for the first time after a security breach. And, as with everything related to security, the particulars of your plan will be largely dictated by the particulars of your site: the hosting, the type of business, what customer data is being stored, how active the site is, and so forth.