At Pulse Commerce, the security of your orders and online business is our top priority. Pulse Commerce offers full support for the latest SSL encryption protocols and removes older, expired SSL protocols from our servers. Additionally, Pulse Commerce maintains several layers of physical, network, and software security. The following are some additional best practices that you can take to help ensure the security of your online store and customer transactions:
- Use SSL to secure both the Admin Panel and Online Orders. By default this is enabled, but ensure you do not add any hard-coded non-secure image paths or scripts to your header or footer.
- Use Real-Time Credit Card Processing - This is inherently more secure than manual credit card processing.
- Employ the McAfee Secure Seal Program (formerly HACKER SAFE). If you are interested in joining, please contact your account manager.
- Change Your Administrator Passwords frequently - Pulse Commerce recommends that you update the passwords used to access your site at least every 45 days.
- Monitor your site - You should monitor the behavior of visitors on their site. Suspicious activity could include placing several orders on the site from the same IP address. Orders which have different shipping addresses from the billing address are at a higher risk. Watch for an increase in the number of incomplete orders or the number of credit card declines. Additionally, you should review reports, web analytics for other potentially malicious behavior.
- Review and comply with PCI Data Security Standards - All sites accepting electronic payments are mandated by all the major credit card associations including: American Express, Diners Club, Discover, JCB, MasterCard Worldwide, Visa Inc. and Visa Europe to achieve compliance with the Payment Card Industry Data Security Standard (PCI DSS). By default Pulse Commerce is compliant, but ensure your business practices regarding customer credit cards and record keeping are also compliant.