Many people think that just because they are a 1 man band or a small business, that nobody would be interested in attacking their website.
However, cyber criminals are all around us, and a lot of the time they attack websites at random. They have the skill set and the software to easily pinpoint websites that have gaps in its IT and security.
Some common hacks on websites include compromising data, inserting tracking software or stealing your business identity. If you think that your website might not be as secure as it should be, here are key tips that most individuals can implement on their own in order to keep their site safe.
Make sure you update
Many of us receive regular notifications to update all sorts of software on a daily basis. The bombardment of these notifications is enough to make us put it on the “to do list” or to ignore the message all together. However, this is a key way that hackers see vulnerability in your security and attack.
Areas to keep updated include your CMS and plugins. Although most third-party hosting sites normally update as soon as needed, it’s good to keep on top of regular updates manually. If you see your hosted site needs to upgrade, simply send them a message to make them aware of this.
A way that you can ensure that you are up keep up with all the security updates is to get notifications automatically sent to you. For example, if you use WordPress, there is a plugin called WordPress Updates Notifier that when activated, will send you notifications of plugins that need updating in real time to your email address.
Keep passwords safe and secure
This may seem like an obvious one, but the amount of passwords that we need for social media, website admins and bank accounts can lead many to become slack when managing and setting up passwords.
You should try and have as many complex and different passwords as possible in order to protect your website’s security. A very important area to have a secure password is for your website’s admin login. When you set-up your website, you will normally be given a username such as “admin”. This will be the first username a hacker will test, followed by passwords such as “admin123” etc.
If a hacker does manage to uncover your website password, the damage may not be limited to just your website. More than likely, we use one password for more than just one platform. This can compromise your bank accounts, email and more. When a hacker gets access to your system, they can even place malware onto your computer that records your keyboard strokes. This is a key way that further passwords can be uncovered.
To protect yourself even further, record all your passwords in a spreadsheet that is on a separate device such as a USB stick. That way, if your computer is ever compromised, there are no records of your passwords on your desktop for hackers to find.
Audit your website security
This one may be a little bit more difficult to do on your own if you really aren’t tech savvy. However, it doesn’t cost much to have an IT freelancer do an audit of your website’s security every 6 – 12 months. This small cost can prevent a lot of damage that may occur in the future. Just like paying for your hosting and Internet provider, security maintenance should be just one of those things that goes along with running a professional website.
Some of things you can get a freelancer to do include;
- Remove any spam on your website, including any corrupt files.
- Review any errors you might have and their impact on your security
- Get notifications set up so you are notified of security hackings, such as someone attempting to login to your admin.
Website security may be one of the last things on your list when it comes to your website. However, without maintaining your site’s integrity, you could leave yourself open to a lot of damage including your business reputation.
The best way to attack the hackers is to keep 3 things in mind. Ensure you’re consistently upgrading your security by ensuring your CMS and plugins are current, install a plugin so you are receiving notifications of upgrades or hackings, and conduct a biannual or annual website audit that takes into account your security.