Loading...
Loading

Is Your Website Up To Date? 10 Things Every Website Owner Should Know About Cyber Security

2015-12-21by Andre Smith

It’s important to note that it doesn’t matter whether you’re an FTSE 100 company, or your website receives a couple of dozen hits a day - you can still be a target, and you can still make costly slip-ups in your IT security. There are around a billion websites online around the world today, and something like 1% of them - that’s 10 million or so - are thought to be compromised in some way. Possible scenarios include theft of money or sensitive customer data; theft of sensitive corporate information; the website being damaged or taken offline maliciously, or a fall in search engine rankings if Google detects an issue.

But while the price of a connected world and the ease of doing business online is eternal vigilance, a few simple precautions can be enough to prevent the majority of attacks. Here’s what any website owner should know…

Server Protection

If you can afford it, then using an external data centre puts much of the challenge and responsibility of fighting cyber attacks on a professional company that can afford the most stringent safeguards. A secure in house solution, such as that offered by 100TB dedicated servers, ought to have the capability to locate vulnerabilities on your site(s) and network(s), and block problems such as DDoS attacks while keeping the information you hold safe.

Awareness

While the technical details are probably best left to whoever handles your IT, unless you do that yourself, you should have a good understanding of the various threats and where they come from. This includes social media, email and third-party software integration, and what they entail, so that you can introduce policies to combat them. Internal staff IT policies should be enforced and regularly refreshed so that everyone is aware of their importance.

Security Inside Out

Most security breaches are usually made by insiders – often your own employees - making simple mistakes, such as opening an attachment from an untrustworthy sender, and unwittingly unleashing spyware or a virus onto your network. Regulating physical access is therefore of vital importance. Look at how you and your people log into the hosting panel, your computers, your website, your social media accounts. Are there vulnerabilities that could be exploited?

Online Inventories

A regular inventory of exactly what software and hardware is on your network can reveal potential problems that could lead to someone getting access to your site. Anything that is unauthorised or otherwise unwelcome, such as software installed without permission, should be removed.

Home Working

Many employees take work home with them, but home networks are not always as secure as those in the office, and if they’re logging into the website from home, or on the train, then this presents a problem. As the Hillary Clinton email scandal amply demonstrates, a lack of precautions regarding personal IT security carries with it severe risks. If you have concerns about any sensitive information being unsecured then you can limit what staff can do by measures including controlling administrative access.

Multiple Sites

If your business operates more than one website then never make the mistake of using the same user access details for them all. Make a point of changing all business passwords every few months - a pain, but a vital building block in web security - or use a password management system.

Outsourcing

Data centres, as mentioned above, are a good hosting option for some companies, but not convenient for others. Cloud solutions have advanced matters though, and for a relatively small monthly amount your business can place sensitive applications such as email, web hosting and data storage with a company that has vast amounts of resources focused on cyber security.

Privacy Policies

Any business that collects data should have a data privacy policy in place, so that both customers and staff are aware of exactly what information is being retained through day-to-day business activity, and how it can and should be used. While not every hacking attempt or data breach can be prevented, good encryption can ensure that the risks are minimised as far as possible.

Size Doesn’t Matter

Many companies make the elementary error, to their cost, that because they are small, or not well known, they believe they are not a valid target for cyber criminals. In fact nothing could be further from the truth. The bad guys have a wide range of motivations, from theft to espionage to creating a botnet, and if your website has an open door, someone will walk inside eventually.

Backup Regularly

Like a reliable safety net for a trapeze artist, you’ll hopefully never need to use your backup, but if you ever have a disaster, you’ll be glad it’s there! Aim for backing up every 40-60 days for peace of mind.

news Buffer
Author

Andre Smith

Andre Smith

Andre Smith is a marketing specialist, blogs about IT (cloud computing), small business and human resources.

View Andre Smith`s profile for more
line

Leave a Comment