B2B e‑commerce security: 5 ways to secure your B2B web store

Michiel Schipperus
January 21, 2016

Levels of e-commerce security

You can conduct your business a lot more efficiently by using a web store for your B2B sales. Yet, Sana’s B2B E-Commerce Monitor 2015 indicates that only half of the B2B companies actually have a web store. Concerns about B2B e-commerce security appear to be the biggest obstacle when starting with B2B e-commerce.Your comprehensive guide to keeping your web store safe and secure mini cta

When a consumer places an order at a web store, you directly reap the benefits when a digital portal is connected to an ERP system. You probably already know this is a more efficient selling method for both the seller and the customer, yet you may have some security and data privacy concerns.

What levels of B2B e-commerce security can you put in place to protect the sensitive ERP information behind your B2B web store?

Fivefold Protection for Web Store Security

Sana Commerce’s B2B e-commerce security protects the application and its own source code in five different ways for strong protection against any external threats.

  1. Sana Commerce’s B2B e-commerce security is unique in combining the advantages of open and closed source with “secured open source code.” Sana Commerce’s source code is based on closed source, which is shared only with a strict selection of partners and clients. This way, an internal community is created and the benefits of both open and closed source are combined, while the weaknesses of each eliminated.
  2. Sana Commerce B2B e-commerce security is evaluated, tested and certified by Lion Bridge, Microsoft and SAP.
  3. Sana Commerce conducts security audits on a monthly basis. During these audits the system is ethically hacked in search of security cracks, which are then immediately fixed. As part of the selection process, a number of large clients tested Sana Commerce via automated static, dynamic, and manual security analysis techniques. The results confirmed the quality of the security and prompted these clients to do business with Sana Commerce.
  4. In the area of software security, Sana Commerce applies the best practices defined by the OWASP (Open Web Application Security Project). On this open source project, individuals and organizations share information and techniques toward identifying and rooting out unsafe software, and its causes.
  5. With Sana Commerce you cannot store passwords or request them for a second time via e-mail. When a password is lost, a new one always has to be created. Sana Commerce also never stores credit card information. This information remains at all times with the payment service provider (PSP).

Want to make sure your e-commerce platform isn’t a potential security risk? Download the free white paper now.

A secure internet connection

There’s no question that the security of the Internet connection between Sana Commerce and your ERP system has to be secure. In order to do this, it is important to know where the ERP-system is physically located. This varies for each company and is vital for the measures that need to be taken.

If it is located in your company data center, then security is essentially different than it would be if it were in the cloud. If the connection between the Sana Commerce web server and the ERP system run through the Internet, then this connection needs to be more heavily secured. In this case, Sana Commerce implements a chain of security measures, such as firewalls, SSL/TLS and VPN technology, as well as IP-restrictions and a DMZ.

With these measures in place, your customers can place orders without worries, while ensuring your administration is safe – and remains that way.

Would you like to know more about the Sana B2B e-commerce digital transformation report? Download it here!

Your comprehensive guide to web store security