Retail Observer

RETAILOBSERVER.COM FEBRUARY 2020 48 Y ahoo, Facebook, Marriott – these are some of the world's biggest brands that have fallen victim to poor security and massive data breaches. According to security software provider Norton, at least 4.1 billion records were exposed by data breaches last year through November, including credit card numbers, home addresses, phone numbers and other highly sensitive information. But the issue is not limited to global companies. Independent dealers can be affected by data breaches, too. Which begs the question: How is your business safely holding its customers' information? Fortunately, the BrandSource buying group has the latest tools to help members protect their customer data and navigate the ever-changing tide of privacy and consumer policies. One of the most recent changes has taken place in California. The California Consumer Privacy Act (CCPA) went into effect last month, allowing consumers to know what personally identifiable information (PII) is being collected by a business and its website. This includes a host of information that doesn't typically raise red flags, but which can be triangulated with other data to create a profile of a specific individual that includes biometric info, browsing history, education, employment records and even personality traits. And if the consumer wishes to have that trail of personal breadcrumbs deleted, businesses have 72 hours to comply or face a fine! In addition, elements of a recent European initiative, the General Data Protection Regulation (GDPR), are likely to be adopted by the U.S. in the next few years. Like the CCPA, a key component of GDPR is an opt-in and notification message enabling the consumer to be aware of and acknowledge that your site will be tracking their online presence. AVB Marketing – the digital marketing arm of the BrandSource buying group – is on top of these regulations and is preparing to release the latest round of tools and information to help its members remain compliant. As for other steps you can take to ensure that your customers' data is safe, we asked our technical and security team to share some advice and give us a look ahead. Yu Lee, AVB Marketing's Administrator for the Magento eCommerce platform, suggests, "Members should not request sensitive PII such as credit card details from customers by chat or email." While it might seem easy and convenient to use these tools to help process an order, they are typically insecure platforms and easy targets for hackers, he said. "At AVB Marketing, we implement security and privacy measures such as installing SSL certifications and blocking any malicious activities on member sites," Lee said. "We also recommend that members utilize the fraud protection features of their payment gateways such as AuthorizeNet and PayPal." There's no question that security was a top priority for the team last year, and they've set an even loftier goal for 2020: PCI Level 2 Compliance, which is among the industry's toughest standards. As AVB CMO John White explained, "Most websites maintain Level 3 or 4 compliance, while Level 1 is for banks and large financial institutions. Level 2 is a significant step to show our members and their customers that AVB Marketing is the best and most secure platform with which to host your digital marketing effort." According to Peter Rozental, Director of Development at AVB Marketing, the group expects to attain Level 2 certification by the second quarter. "Level 2 certification is significant as it touches all aspects of our business to make sure we are following processes and guidelines to ensure the safety and integrity of our data," he said. "It is a very detailed process that we are going through to pass certification protocols and tests." As you can see, keeping dealers' data and customer information safe and making their websites compliant is a top focus for AVB Marketing. BRANDSOURCE BRANDISHING TOP TOOLS IN DATA PROTECTION Seth Weisblatt Technology of Business Seth Weisblatt, Director of Furniture, AVB/BrandSource. RO

• Cover