Member Article
Making the most of the Black Friday bonanza
Shoppers in the UK spent £1.4 billion online during the Black Friday weekend last year. The four-day retail event has become a key part of retailers’ sales calendars. As online spending rises whilst high street spending continues to fall, there has never been more emphasis on the uptime and availability of ecommerce websites to ensure that sales targets are met. With this in mind, nine IT experts have shared their top tips for retailers to ensure they get the best out of this busy holiday season.
Scalability is key
No matter what the scale of your ecommerce operations, preparing your web applications for known or unknown traffic spikes is essential. “Scalable cloud services can be vital for businesses operating in today’s competitive retail environment,” comments James Henigan, Cloud and Managed Services Director at Six Degrees Group. “It’s critical to build a suitable platform and application architecture that enables horizontal scaling of the application in scenarios of load increase. Working with your service provider to understand how this can be technically and commercially achieved is a key consideration, along with how dynamically this can work. The cost of dynamic scaling is often not warranted when peak demand is known and can be planned for. However, with events such as Black Friday when the size of the load increase is unknown, having the ability to dynamically scale is critical, along with the appropriate commercial and contractual model that enable this.”
This is something that Paul Bryce, CCO at Node4 agrees with, stating that a business’ Black Friday plans could “all be scuppered if downtime is experienced, as not only is the customers’ experience negatively affected but with consumers looking elsewhere for deals, sales could also drop.” Paul suggests that, although one size doesn’t fit all, “a hybrid cloud solution can be used to provide retailers the best of all options on Black Friday; with fixed capacity for core applications and the ability to rapidly scale on demand with the public cloud, this accommodates the sudden influx of traffic.”
Gary Watson, CTO of StorCentric and Founder of Nexsan also adds that “it’s important to ensure any IT environment can meet the retailer’s needs and isn’t being stretched beyond its limits. This also means testing the elasticity and capacity demands and ensuring there are adequate cost control measures in place when it comes to scalability.”
“The question is, is your hosting ready?” believes Jon Lucas, Director at Hyve Managed Hosting. “All the discounted pricing, online advertising, and most importantly your merchandise, will be a waste if your website fails to cope with spikes and influxes. After all, over a third of UK shoppers say a non-functioning website immediately damages their opinion of a brand, causing perceptions of an ‘unprofessional’ and ‘poorly managed’ business. Make sure you have a scalable solution in place that can run tests on your website beforehand, adjust resources as and when needed and easily manage bursts of activity in order to provide a reliable, secure platform when you need it most.”
Prepare for the worst
The Black Friday weekend is a critical event for the retail sector, and the ramifications of a malicious intrusion on the company’s network could be devastating. “For example,” says Stephen Moore, Exabeam Chief Security Strategist, “studies show that the global average cost of a data breach now sits at $3.86 million, however, these reported numbers are misunderstood, do not represent the complete costs, and are greatly underreported.
“This holiday season, adversaries could be after the massive influx of credit card data– or even just looking to disrupt the business, sometimes as a distraction or to make a point, and negatively impact its profits. No matter the motivation, the cost of an outage will only be amplified by the increasing traffic of these massive sales. The transactional volume at the end of Q4 often makes or breaks most retailers – and adversaries know this. Some retailers, unofficially, have standing orders to keep systems operational and available even if it means allowing the attack to persist, as such the defender must have the tools to continually track the adversary. With this in mind, we must arm the defender, who is already exhausted, with an edge to gain visibility and “buy” back time. Behavioural modelling, advanced analytics and machine learning, when aligned to the goals of the defender and consumer can play an important role in protecting retailers’ businesses and profits year-round.
“Detecting adversaries by establishing a baseline of normal behaviour for all accounts and assets in the organization — including communication patterns, ports and protocols used, and operating activity — automatically identifies risky device activity that may be indicative of a security incident or compromise. This helps to protect retailers and consumers from criminal activity, breaches and insider threats, even during the busiest times of year.”
At this time of year, retailers are the prime target for many attacks. “Compromised point-of-scale (POS) systems have been the gateway to some of the largest and most damaging data breaches of recent years,” comments Jan van Vliet, VP EMEA at Digital Guardian. “These attacks are particularly hard-hitting because they usually involve the theft of sensitive financial details including customer names, credit card account numbers, expiration dates and CVV security codes.
“There are multiple measures retailers can – and should – deploy, however, to defend against these attacks, Van Vliet explains. “This includes encrypting all POS data upon entry and decrypting it only when it reaches the payment processor; implementing application whitelisting; regularly updating POS software and performing regular vulnerability testing; segmenting networks used by POS systems; and using complex, secure passwords and 2FA.”
Additionally, recent data shows that the window of exposure (time duration for which there is at least one exploitable serious vulnerability) for retail applications remains high, with over 60 percent of all retail applications having one or more serious vulnerabilities open throughout the year. “Clearly, security is being overlooked in the endeavour to get better, faster applications before the holiday season hits,” commented Setu Kulkarni, Vice President, Strategy & Business Development, WhiteHat Security. “This is unacceptable as the onus of security should not lie with the end customer. Retailers have the opportunity to do right by their customers by providing a more secure online shopping experience. In this day and age, where one breach could lead to millions of dollars in monetary and reputational losses, retailers can not only mitigate these losses but also create market differentiation for themselves by providing a secure online shopping experience.”
However, if the worst does happen and the website experiences downtime, retailers can feel the pressure to ensure 100% uptime to serve an ‘always-available’ customer culture. “When it comes to managing this high demand surge over consumer holidays like Black Friday, establishing a multi-cloud environment can help make sure your website isn’t vulnerable to suddenly dropping offline,” says Gijsbert Janssen van Doorn, Tech Evangelist at Zerto. “Indeed, having the freedom to move to, from and between any combination of clouds, including Azure, AWS and the hundreds of smaller local cloud providers available, can aid retailers in coping with the huge spike of traffic and sales, regardless of any challenges that third-party cloud suppliers may be experiencing. The risk is spread across multiple platforms, minimising the possibility of vendor downtime.”
“As Black Friday approaches, retailers are making critical decisions given the data they have at hand to understand the likely purchasing habits of buyers during this often high-intensity spending season,” concludes Neil Barton, CTO at WhereScape. “By analyzing the data patterns from previous years, retailers are able to both optimize their supply chain to meet demand without over-ordering, as well as be ready to offer significant personalized sales incentives and discounts for both Black Friday and Cyber Monday shoppers. Additionally, real-time data collection and analysis during these mission-critical events will enable online retailers to respond quickly if any unexpected deviations should occur to limit risk or better capitalize on opportunity.”
It’s important for retailers to be on their toes during the Black Friday weekend, preparing for anything that could potentially happen, and being able to bounce back should the worst occur in order to reap the full benefits the holiday has to offer.
This was posted in Bdaily's Members' News section by Industry Experts .