When It Comes to Cyber Crime, The Best Offense Is A Good Defense. 

Retail businesses are a major target for cyber criminals because they store large amounts of customer information. Many small business owners assume they won’t get hacked, so they don’t invest in a cybersecurity strategy, which can be a costly mistake.

Instead of leaving it to chance, Jess Boutique chose to take preventative measures to protect its business assets from cyber criminals before it’s too late.


Jess Boutique Case Study


The Business

In July 2011, Jessica Pomerleau founded Jess Boutique in Burlington, Vermont, intending to help women feel more confident. The boutique specializes in women's designer clothing, jewelry, and accessories.


The Cybersecurity Challenge for Retail Businesses

Retail businesses store large amounts of customer data, which is not only their business asset but also the prey of cyber criminals. Since retailers are the most frequent targets of cyber attacks, it's crucial to know the facts about these attacks and take precautions to protect yourself.

  • In 2021, 57% of all e-commerce cyberattacks were bot-driven (Imperva Research Labs)
  • Survey results from Sophos indicate that 44% of retail organizations have been hit by ransomware in 2020, and 32% of those have paid.
  • The lack of adequate cybersecurity makes 62% of retail customers unconfident about their data's security. And 25% say that they know their data is not safe with retailers. (www.Fortinet.com)
  • MalwareBytesLabs estimates that retailers lost over $30 billion to cybersecurity attacks in 2019, more than any other industry.


The Results of a Penetration Test May Surprise You

One Step Secure IT ran a vulnerability scan on Jess Boutique systems, including the three computers used in the stores. Jess Boutique thought they were secure, but the scan results proved otherwise when they received a high-risk score of 97 out of 100. One Step provided the estimated cost of these risks if a cyber criminal decided to target their business and Jess Boutique wasn’t interested in ever having to pay it.

Some of the security risks uncovered by that scan: 

  • One Step was able to gain access to 4 company credit card numbers that were being stored on company computers 
  • Business email addresses were found on the dark web
  • Store computers and drivers were not being regularly patched and had 19 missed updates collectively

Jess Boutique did not have a password policy and lacked complex password requirements. The store computers did not have a lock-out feature after multiple failed login attempts. And what they didn’t know was that hackers often use bots and password hacking programs that run thousands of password attempts to break into systems — without an automated lock-out, businesses are left defenseless to these attacks.

Small cybersecurity risks compound to create enormous risks and make a small business an easy target for cyber criminals. 

Jess Boutique decided it was time to protect the business and implement a cybersecurity strategy with the help of One Step Secure IT. One Step’s cybersecurity experts created a plan to get Jess Boutique in the low-risk category and fix the security gaps, including cybersecurity training for Jess Boutique employees to ensure everyone is on the same page. Employees at Jess Boutique now know cybersecurity best practices and can look out for red flags.


Jess Boutique Case StudyOne Step IT Services for Jess Boutique

Jess Boutique depends on One Step to support its retail technology and IT infrastructure and are confident that they will handle any IT issues with cybersecurity in mind.

The customer service at One Step is amazing. The IT is incredible; we really haven’t had any security issues. With electronics and systems — things happen; I feel like anytime we have needed some support, it’s been really prompt, and they have been a really easy company to work with, Alexis Pomerleau, Jess Boutique’s current owner, said.


The Best Offense Is a Strong Defense

Jess Boutique took action to protect their company and customer data proactively, and as a result, they have not experienced a cyber incident, which is more than many small retailers can say today.

Mainly, we’re just really happy. Everyone’s been super friendly and really easy to work with. There are check-ins even when there’s not a problem, like ‘hey, we’re still here. Let us know if you need anything. How are things going?’ That feels really nice — it’s not just when we call for problem-solving, it’s the company being really proactive, Pomerleau said.

If IT or cybersecurity issues arise during or after store hours, One Step’s IT professionals are just a phone call away.

Like What You're Reading?

Subscribe to the Cyber Roundup E-Newsletter for useful tips, relevant blogs, insights from experts, and upcoming events.