A Stable Shipping Solution: Why Ecommerce is Shifting
by Andy Bakun and Maddy Hogan
As the world navigates through the COVID pandemic era, the shipping industry is quickly adapting to support a surge in ecommerce business. COVID-19 has disrupted the service capabilities of ecommerce and the need for robust supply chains, technical capabilities, and security practices are paramount.
It is during times of uncertainty and fear that the need for cyber and information security becomes increasingly critical. The risk of security breaches or ransomware attacks does not discriminate by industry, financial stability, or system infrastructure. Everyone is a potential exploit target and it is important that the ecommerce industry continues to take the necessary precautions and adapt to the ‘new normal’ for our business models, our customers, and for our partners.
The New Jersey Cybersecurity & Communications Integration Cell (NJCCIC) issued a bulletin addressing cybersecurity risks in early March, stating that while ‘there has been a significant increase in the demand for toilet paper, hand sanitizer, disinfectants, and other items associated with efforts to prevent and/or contain the spread of COVID-19’, organizations are ‘significantly increasing their demands for remote access equipment, software, and services including, but not limited to, laptops, hard multi-factor authentication tokens, VPN concentrators, collaboration tools, bandwidth upgrades, and more.’ While the concept of working remotely or from a laptop is common for many, this is a new concept for many businesses and their employees, exposing the workforce to new vulnerabilities.
EasyPost continues to focus our efforts on providing customers with a dependable shipping platform supported by a dedicated team. We are incredibly proud of our continued 99.99% uptime with the increase in ecommerce shipping volume, and continue to invest in our security measures to protect our operations, uptime, and customers' data. We’d like to share general security strategies in the identity, access, and vulnerability management areas that can be positive improvements for your business during these challenging times.
- MFA/2FA: Multi-Factor Authentication or Two-Factor Authentication should be mandatory to access any tools (network or application) remotely accessed by employees.
- Protect sensitive information: Support the safety and quality of your business’ data by implementing processes and controls for how sensitive documentation and information is accessed by remote employees. As much of the world has shifted to living and working under the same roof, it is easy to become lax about storage of business data on personal devices or in the cloud.
- Require strong passwords: Weak passwords are low effort for potential attackers to brute force and exploit. A password manager with the capability to generate strong passwords can maintain a high level of password complexity without significant burden on users.
- Maintain the ‘principle of least privilege’: Providing employees only the information access and privileges that are essential for them to carry out their job duties helps reduce the chances of a single compromised account from "moving laterally" into other systems.
At EasyPost, we believe the adoption of the above measures can assist your organization in privacy related to consumer information, no degradation in service for your customers, and the efficient delivery of goods during COVID. As companies continue to adjust to the work-from-home model, we hope many will take similar precautions to protect their business’ and customers.