Madison, Wisconsin
Powderkeg Web Design
January 26, 2016

Best Practices for Website Security

James

Cyber-security is a major issue for businesses around the world. You often hear about hacking in the news, with talk of cyber warfare, malicious underground groups and acts of fraud. While these are certainly real threats to large organizations and government entities, small business websites built to market products and services are not usually targets at that level.

If your website does not hold any financial, medical or governmental information in its database, it doesn’t usually pay off for a hacker to target your website specifically. Our clients most often face hacks from simple “bots”, or servers that scan thousands of websites at once for vulnerabilities. If they do find a vulnerability, they typically try to inject spammy content onto the affected site’s pages to gain links and traffic back to other websites.

While this isn’t as big a problem as having all of your customers’ Social Security numbers stolen, it is still a hassle to clean up a hacked website. We’ll have to patch the website, clean up content, and check for any backdoors left in your code.

Luckily though, there are steps you can take to mitigate the risk of vulnerabilities in your website. Here are three simple ones that are easy to perform.

1. Use Good Passwords – You’ve been told this before, haven’t you? Create a password with numbers, symbols and upper/lower case letters. Make it at least 6 characters long. Common words as passwords will fall victim to hacks.

2. Update Your Code – It’s important to keep your website’s CMS code up-to-date. The communities that help develop the software release updated code on a regular basis to patch any possible vulnerabilities. If you ever have questions on updates, please reach out to our team.

3. Avoid Sensitive Information – Never store sensitive financial, medical or governmental information on your website. Always use a third-party payment processor for credit cards, and leave HIPAA medical information on HIPAA-compliant servers. By leaving this information off your site, you greatly reduce your risk and liability from a hacking incident.

Not so scary after all! These tips are simple, and will help you avoid headaches from hacks down the road.