According to recent information there are about 6 million people or so that are watching this show every Friday night. Now that is a fairly decent audience that is being exposed to whatever the entreprenuer is demonstrating that night and of course...their products. These 6 million viewers actually have a huge impact on the security of the small business that each entreprenuer has (I will explain how in a second). For those of you that aren't aware, small businesses make up 85% of the business in the USA. Unless you have a decent technical background, a good technical friend, or unlimited time on your hands; chances are you hire someone when it comes to the technology aspect of your small business. Here are the common items usually needed when setting up your technology for a small business:
- Website
- E-Commerce System (Shopping Cart or Ordering System)
- Hosting provider (to host your website)
- Possibly a database (to track orders / customer data)
If you are like the average small business owner you are going to hire someone to help you put all this together. A web design company for your website and e-commerce, someone else to setup the website on the hosting provider, and yet another to configure your email and software. You could also hire the same company to do all of these things for you. So where exactly is the problem? Well...most of the small business owners are actually using other small businesses to setup/design/deploy the above items. Most small businesses also aren't trained properly to code/setup/design websites and e-commerce sites securely (largely in part to the fact that they are a small business and don't have a huge training budget or staff to train them properly).
So here is where TV and Shark Tank comes in. Last week a woman who makes cakes went on the show and pitched her cakes as "the best". It turns out that people really like cake and decided to visit her website and possibly buy a cake. Out of the 6 million people watching somewhere around 75,000 of them tried to access her website at the same time within an hour, inadvertently causing a Denial of Service (DoS) attack on her website (this is where the website goes down because of too many requests at the same time). Once the site came back up, Twitter was all buzzing about the tons and tons of people that ordered a cake from her site. Being intrigued myself I looked around her website and actually found an error or two. Then I checked the website of another small business owner that appeared on the show earlier that same day, and again found a few errors. My point here is that these websites shouldn't be causing errors and these errors could *possibly* be security holes due to quick or inexperienced technical persons setting up the site.
Imagine if you were one of the 75,000 people who ordered a cake only to find out that the website you ordered a cake from was compromised?! You name, credit card, etc. are now in the hands of a malicous user and you probably won't know because small businesses don't usually have the resources to detect these kinds of attacks. While I'm obviously talking in extremes at this point, the insecurity of small business websites and serious security concerns is not something we should just ignore. Shows like Shark Tank are exposing small businesses to the masses and customers are flocking quickly to check out the latest products. While small businesses are great and I'm a huge supporter of them, I strongly suggest that all small business owners take the time to invest in security for their websites and e-commerce platforms. Nothing is more embarressing then your entire customer list or credit cards being stolen/exposed...that is defintely one quick way to lose all your customers. Make sure as a small business owner you educate yourself to web attacks like Cross Site Scripting and SQL Injection. Even if you know nothing about technology you should invest the time to learn.
The best defense is a good offense, so small business owners should try the following:
- Educate yourself on web application security (OWASP Top 10)
- Ensure you use strong passwords when working with small business accounts (Strong Passwords)
- Test (or hire a tester) for your website security
If you have any questions about website security or would like any recommendations on companies that can help you with security, you can check out ModLearning or email support [at] modlearning [dot] com. Small business owner questions always welcome.
**I'm not knocking on Shark Tank in any way and think the show is great! I totally feel it is the responsibility of the business owner to ensure website security. There are tons of other shows similar to Shark Tank that drive users to products.**
0 comments:
Post a Comment