Website hack attempts occur more often that you realize. Research estimates that, every day, more than 30,000 websites are infected with some type of malware. So how do you keep your company website secure?
A recent survey reported that 90% of all businesses suffered some sort of computer hack over the past 12 months, and 77% of these felt they were successfully attacked several times over the same period.
I’m not trying to scare you (well, maybe a little). Instead, I want to arm you with information that will help you keep your website secure.
Bizzuka customers, before you grab the phone to call us, let me assure you that we take the issue of website security very seriously, which is why we host all our sites with Rackspace, a company that upholds the highest security standards. (Download this PDF, which contains more detailed information on website security.)
James Lyne, Global Head of Security Research for Sophos, one of the worlds largest security companies, is someone who also takes website security very seriously. In an article at Forbes, he outlined several steps companies can take to protect themselves.
1. Use good code to keep your website secure.
Lyne says to make sure your website was built following good secure coding principles. Proper coding is foundational to website security.
2. Keep software updated to keep your website secure.
Check that your web server software and any other software you use such as a CMS is patched and up to date. In this way, you'll keep your company website secure.
If you are using a managed hosting solution like Bizzuka then you don’t need to worry as much about applying security updates for the operating system. The hosting company should take care of this.
3. Use SSL (Secure Socket Layer) for information transfer
Check that when you transfer personal information, credit card or other sensitive data you encrypt the web traffic using SSL. Encryption is the best way to keep your company website secure.
4. Perform a regular scan or check on your website
5. Back up your website to keep your company website secure.
Insure you have frequent backups of your website (particularly if you host a database with dynamic content or user information) as you may be forced to restore it in the event of an attack, says Lyne. If your website is hacked, then you'll have a way to roll it back to a secure version, which will keep your company website secure.
A good rule of thumb is everything required to get the site running exactly as it was at the time of the backup should be included.
6. Use strong passwords
According to one source, it only takes 10 minutes to crack a lowercase password that is six characters long. Add two extra letters and a few uppercase letters and that number jumps to three years. Add just one more character, some numbers and symbols, and it will take 44,530 years to crack. Therefore, the more difficult the password you can configure, the better off you will be.
- Use eight characters or more whenever possible.
- Don’t use the same password for everything.
- Change your passwords often.
- The greater the variety of characters in your password, the better.
- Use the entire keyboard, not just the letters and characters you use or see most often.
7. Become a Bizzuka customer
We don’t play around with the issue of site security. Our content management system is a managed solution hosted by a leading provider. We monitor our sites to detect malicious attempts and take steps to prevent such from happening in the first place.
Rest assured that, to the greatest extent possible, we will keep your site secured. Keep in mind that website security is a partnership so you will need to do your part. Following the tips provided in this post is a good way to start.
Additional website security tip information source: Syracuse University