From stolen credit card numbers to a Facebook profile or email account being hijacked – it’s something most of us have already experienced at one point or another. Unfortunately if you are a business owner with a website that captures valuable data such as credit card numbers and user information such as social security numbers, you are vulnerable to multiple types of attacks. You are also responsible for protecting your customers from this happening to them in the first place.
From Equifax to CapitalOne, no one is exempt. We can’t stress how important it is that you have a website partner that can stay on top of your security at all levels. You also need a partner that knows exactly what to do if/when an attack occurs. Below are some basic steps you can take right now to add another layer of protection to your website.
1. Install a Secure Sockets Layer (SSL) Certificate
An SSL certificate encrypts sensitive information like credit card or social security numbers that is transferred to and from your website. It’s also required by Google and considered a factor for ranking in search results.
2. Perform Regular Updates
Hackers are relentless so there will always be vulnerabilities found – even in the most solid programs or server systems available. Make sure your website developer and/or hosting company stays on top of regular server maintenance, network security, and software updates.
3. Avoid File Uploads
We recommend avoiding file uploads if possible, but if your business requires them be sure to install file verification and scan for malware. Another great tip is to have your website automatically rename uploads so hackers are unable to access the file afterwards.
4. Use Secure Passwords
Simple passwords like “1234” may seem harmless, but if an intruder gains access to your business website and other sensitive information how harmless will it be then? Be sure that everyone who has access to your website has a secure password that doesn’t include personal information that a hacker can easily glean from a social media profile (ie. children’s names, dates of birth, pet names).
5. Prevent Website Attacks
Many hackers can easily access your website through a “back door” of code. Here, they can inject malicious code that infects not only your website, but the entire system it’s connected to such as the server where all of your website files are stored. We highly recommend using a website vulnerability scanner. These scanners identify any weaknesses you may have on your website, especially ones that are vulnerable to attacks such as SQL injections, cross-site scripting, and more.
These are only a few basic suggestions on how to prevent your website from being hacked. Every situation is unique, so feel free to give us a call at (915) 351-8440 or schedule a security consultation so we can assess your situation right away. A special shout out to Joe Mason for making this topic a necessary entry on our blog. Feel free to chime in with any additional suggestions!
Sidenote: Are you using a website builder such as WordPress or Joomla? Learn more about how your website is vulnerable and what you can do to increase security right now!