One of the first steps that every ecommerce business can take in order to improve network security is to thoroughly manage and control user permissions. This can be something that ecommerce businesses overlook when they set up a new user accounts on Windows Active Directory as well as CRM and CMS systems. But granting access to all business data to every user can be a real cybersecurity risk.
Staff members with high level privileges pose a greater risk of wittingly or unwittingly conducting insider attacks. No business wants to believe that their staff could act maliciously against them, but it does happen
. Additionally, if all users have complete access to the system then it only takes one account to be compromised in order to give criminals complete access.
It is a much better idea to limit the permissions of each staff member so that they only have access to the parts of the network and systems that they need to do their job.