If you, like many business owners, are of the opinion that your business website is unlikely to be affected by cyber crime, please think again and read on.
According to a 2012 Sophos Security Threat Report, on average 30,000 websites are hacked every day. Whilst some big brands may be specifically targeted, generally, cyber criminals simply use highly effective computer software programs to automatically detect vulnerable websites, which are perfect to infect, no matter how big or small they are.
The majority of the time it will be easy to tell if your site has been affected:
- It will not work at all – with a delightful message appearing instead stating ‘your site has been hacked’
- It may redirect to some unsavoury content
- Parts may be missing or not function properly
Occasionally however, the attack can consist of cloaked malicious code which is undetectable to the human eye. Incidents of this nature can affect your search engine rankings as the content could be interpreted as spam and result in your website being flagged or de-listed.
So what security measures can you put in place to help protect your website against cyber crime?
Whilst it is important to ensure you chose a reputable hosting company to look after your website, there are a few simple changes and standard practices you can also follow which could ultimately protect your site from approximately 80% of day to day cyber attacks:
1) Keep your software up to date.
The content management systems (CMS) many of us use to build our website nowadays (like WordPress, Drupal or Joomla) regularly update their software. Most of the time, you, as a user will need to manually log into your website admin interface and apply the upgrade. As well as introducing new features, the key reason for most updates is to add additional protection to your website from the latest virus or malicious code.
This principle also applies to any themes or plugins you use on your site – always keep them ALL up to date.
2) Username & password management
First, make sure your username is bespoke. When you, or your web designer first install your CMS software, sadly many still use the default username option of ‘ADMIN’. How does this make a difference? It simply gives a hacker 50% of the information it needs to access your site!
Second, have a strong password. I was amazed to read that the top 5 passwords people were still using in 2014 were (in popularity order):
This is madness! Whilst we all know password management can be a pain, it’s for our own good – please take the time to create bespoke passwords, strong ones tend to have at least 8 characters, using a combination of letters, both lower case & capital, numbers and other symbols.
Third, regularly CHANGE your passwords – the recommended interval is every 60 days.
3) Protect your site
Use a security plugin or extension and run a website security scan on a regularly basis.
I run all of my websites on WordPress and use a free security plugin which appears to tick all the boxes. It is regularly kept up to date so that it works with the latest version of WordPress and has been downloaded over 4.7 million times! You can learn more about how it works by visiting the Wordfence Plugin overview available at wordpress.org
4) Use Google Webmaster Tools
Google still leads the field in terms of search engine popularity and offers some great tools to help you manage your website. As well as providing important analytical information, there are 2 ways it can help you pick up on any possible cyber crime activity:
a) Security Issues – Anything unusual will be reported here as well as in the site message section
b) Content Keywords (under the Google Index Section) – Make a diary note to review these from time to time. The list should only contain words that are relevant to your site.
To sign up for Webmaster Tools (it’s free) visit: https://www.google.com/webmasters/tools
Recovering from a cyber attack can be a slow and frustrating process and could have a severe impact of your business both in terms of reputation and profits. Once implemented, the recommended measures in this article take a few minutes each month. Take action now to stop your business website from being the next victim of cybercrime!On average 30,000 websites are hacked every day – how secure is yours? Click To Tweet