Your online store is precious. Irrespective of whether it gets one, or a million orders, it represents an incredible amount of time, money, and effort that needs to be protected. Countless hours that have gone into perfecting your brand UI/UX and look and feel to ensure your customers have a great experience would be lost if something happened and your site broke - or worse, was hacked.
Shopify, the all-in-one commerce platform, has provided businesses worldwide with tremendous opportunities and transformative services that help start, run, and grow a business. It is for these reasons that your Shopify store can be one of your business's most valuable assets - which can have devastating effects if your site broke, or worse, gets hacked.
Security and Data backups might not be the most "exciting" aspect of your business, but they should be your top priority. This blog gives you five actionable steps that you can implement today to secure your Shopify store.
1. Make sure you have a strong password.
That in itself is pretty self-explanatory. We don't think it's necessary to remind you that using sequential numbers or letters or even your first name as a password is not a good idea (at least we hope so). Come up with a long, unique password, uses a mix of characters, and avoids memorable keyboard paths.
Cyber-criminals have several password hacking tactics at their disposal, but the easiest one by far is to buy your passwords off the dark web. If you have had the same password for an extended period for more than one account, chances are it's compromised.
Ideally, you want a password that is IMPOSSIBLE to memorise. We don't recommend using your web browsers to store your passwords since they can be revealed quickly. For that reason, we recommend a password manager like 1Password and LastPass. Both have a browser extension, web portal, and app that are excellent options to manage your passwords.
2. Setup Two Factor Authentication
So let's imagine that worst-case scenario, someone steals your password. You could get locked out of your store and have all your products deleted, your customer's personal information accessed, or even delete your shop permanently. Security breaches like this are preventable with Shopify's two-step authentication it has baked into its design. Two-Step Authentication is an extra layer of security designed to ensure you are the only person who can access your account.
It works by generating a unique code on your mobile device that will require you to enter after you have entered your password. 1Password, which we mentioned above, also supports Two-Factor Authentication without needing a mobile device, making the process much more convenient for you.
3. Set Access Limits
Be stringent about user permissions. As a rule of thumb, never share a password or use a shared login.
Unmonitored access to your store can also be a massive security risk. Store owners must give each user their account with set permissions limiting what each user can access. This will prevent users from improperly using a function they aren't familiar with and wreaking havoc with your store. Shopify allows you to set permissions in your store admin area. You can change these permission settings under Settings>Account>Staff Members.
4. Limit permissions you give to Apps
Shopify's security can also be compromised by unauthorised applications being given access to your store. Unreliable applications can introduce bugs to your store, which can delete entire product catalogues and make the platform as the whole untrustworthy.
Be sure to do extensive research before allowing applications access to your store; read reviews and be sure to give the correct permissions to these applications. The safest types of permissions to grant are "View" or "See." Those with the most significant amount of risk are the apps that request to "Manage" or "Modify" your data.
However, even with all these steps in place, it is imperative that you ensure you have a good backup of your Shopify store, either by following Shopify's duplication instructions or installing a backup app like Rewind.
5. Backup your Content.
Lastly, but most importantly, don't fall into the trap of thinking that your store is safe in the cloud in the event that something breaks or gets deleted. The fact of the matter is, if something is deleted off Shopify, that's it, it's gone forever. While Shopify enables you to import backed-up data like CSV files, this option becomes useless when your entire product, alongside its images, is deleted.
As the bearers of this unfortunate news, we do feel it is of great importance that, while informing you of the realities of owning an unsecured Shopify store, we give you the alternative.
Rewind is an app that comes highly recommended here at Blend Commerce; If we only chose for you to take one thing from this blog, Rewind would be it!
While Shopify backs up data, there's no way to retrieve that content once it's deleted; with Rewind, all order history, descriptions, pictures, and even SEO tagging is back up and retrievable. You can update content without worrying about losing key content.
Rewind also accounts for Human error. You can have the best security practices only for your store security to be thwarted by a simple mistake. Rewind enables you to "Rewind" your store to a previous version with as little as one click. Rewind gives you the peace of mind that your business's most valuable asset is safe and secure.