Anyone who pays attention to current events, from Yahoo! to the Democratic National Committee, knows the topic of 2016 and 2017 is cybersecurity. However, hackers are not just interested in attacking governments and large corporations. They will target any size website or business, exploiting common vulnerabilities with automated attacks. Therefore, while you may think your website is not worth their time, small business websites are bombarded daily.
Many hackers want to use your site so they can hide and spread malware, and the majority of attacks are not for the purpose of stealing your data or damaging your website. Instead, the goal of many hackers is exploiting your server to send spam email or as a web server for illegal files. These hackers use automated scripts, scouring the Internet in an attempt to exploit the known website security issues of commonly used software.
Simply put, no industry or business is immune. Once compromised, your site can be used in Distributed Denial of Service attacks on other sites, and any website can serve this purpose. As a result, an unprotected website, even for a small business, is a security risk to customers, other businesses, and even the government.
Easy Ways to Secure Your Site
1. Make Admin Areas Hard to Find - A common way to gain access to a website is by attacking the admin area of content management software systems. Since these attacks are often automated, simply changing the admin directory name is enough to discourage attacks. If they can't find your back office area, it becomes extremely difficult to exploit your site.
2. Use Strong Passwords - Recent news reports revealed that John Podesta's (Hillary Clinton's campaign manager) password was "password", which made hacking his email easy. Shockingly, it is one of the most common passwords used. It is best to use a minimum of 8 random characters that include upper and lower case letters, numbers, and symbols.
3. Keep Software Updated - Even if you have a website custom build from the bottom up, it is important to keep all your software up-to-date. Nevertheless, content management software providers work continuously to patch security holes. Therefore, updating to the newest version will make you less vulnerable to attacks.
4. Use HTTPS - If you are an online retailer, your transactions are being handled by HTTPS (or Hyper Text Transfer Protocol Secure). However, the rest of your website may not have this protection. Besides the security aspect, Google has announced HTTPS is a consideration for search page rankings. This means it will affect your SEO.
What haven't we covered yet that is important to you? If you would like more information about cybersecurity and your website, or need additional suggestions, please contact us.