A little bit of insurance advice for websites.
So you’ve spent a couple thousand dollars on a really nice website with all the bells and whistles, your organization has put in dozens of hours tweaking it to be just right but what have you done to protect your website from hackers? Just like with a vehicle or your other belongings, you need a plan to keep your investment safe.
Step 1 – Make daily/nightly backups.
Automatic backups may already be available from your website hosting company, or you may need a third party program to do this for you. In our experience, some web hosts can restore your files from a certain point; some for a fee, some for free. Check with them to see what’s available and what the restore process is BEFORE you have website issues. If your host doesn’t offer anything, look for a reliable third party program or have your web developers do this for you. We include a full offsite backup service for every website we manage here at Appletree.
Step 2 – Keep your plugins and files updated.
Some website content management systems will alert you when updates are available, some do not. When a website update becomes available, run it. We’ve talked over and over about how non-updated sites have wreaked havoc on organizations from information leaks to election hacks. Set aside time on your calendar to run updates, maybe check for them every morning during that first cup of coffee. Or sign up for an affordable maintenance package with a professional web firm.
Step 3 – Run security programs.
If you’re on WordPress there are several security plugins available. Most are free, but some offer premium services for a charge. We recommend Wordfence. But again, if you don’t keep your security plugins updated, it can’t keep you safe from new vulnerabilities.
Step 4 – Watch for signs of website issues.
If your website is broadcasting “Error connecting to database” or general “Error” messages there may be something going on behind the scenes. Perhaps your website is running slower than normal. It may be time to call in a website professional to take a look at website logs from the back end. Brute force login attacks sometimes go undetected until they kick in the door or a website professional spots them in a log and bolts the door shut.
Step 5 – Choose a good website host.
Shared website hosting is the cheapest hosting out there, but sometimes it’s like living in an old apartment building with a fire in one apartment. If one site gets hacked, all sites are now vulnerable. Read the reviews on your webhost, check their Twitter and Facebook accounts for real user comments. Cloud hosting has been all the talk over the last couple of years, but with the latest “cloudbleed” blunder even cloud hosting is being questioned. Dedicated website hosting is a little more expensive, but depending on the type of information you’re storing about your users, its likely worth the cost.
Step 6 – Keep an eye on who has access.
Limit not only the user accounts that have access your website, but also the programs that interact with your website. Apps that allow remote access to your website are easy targets for website hacking. These API programs allow for other programs such as social media to add content to your website. Unfortunately, they seldom encrypt your stored website login and password. This open door gets ignored by most website security programs because you granted access on purpose.
Step 7 – Update your computer.
If you don’t keep your computer updated and always run antivirus software with updated virus definitions as well as a good spyware program and malware program then you’ve left the keys in the car to be stolen. If your computer has been compromised, a keystroke logger could be recording all of your passwords.
Step 8 – Don’t use the same password.
It may be easy and convenient to remember one password for everything. However, if that password gets compromised on one service, it can be used to access your other services. You’d be surprised how many website databases do not store passwords as encrypted. Lax industry standards like this may leave your password open to prying eyes without you ever being aware.
Step 9 – Don’t store your passwords in browsers.
Your internet browser seems so helpful when it offers to remember a website password for you, but those passwords are stored in your browser unencrypted and are easy to access if your computer itself is compromised. Use a program that encrypts passwords and stores them safely. We recommend LastPass. It also recalls those password for you when you visit a website but stores them behind the scenes in a fully secured, encrypted way.
Step 10 – Scan your computer periodically.
Schedule a morning or afternoon every week to scan your computer for viruses and malware. Since this can take upwards of an hour maybe let it run during your phone calls for that day. If your software finds something, clean it up and scan again until all scans come back clean.
Subscribe To Our E-Newsletter
The Great Phishing Scamdemic
Have you been noticing an abundance of suspicious looking emails flooding y…
Serious Risks to Consider When Socializing Distantly
In today’s crazy world of staying home instead of visiting friends, we’ve a…
Ten Tips on How to be Successful While Working From Home Dur
As a web developer of over 15 years, I’ve spent a lot of time working remot…
- Chinese Government Holds Back Everyone’s Internet Freedom: A strong example of the problems this world... Chinese Government Holds Back Everyone’s Internet Freedom: A strong example of the problems this world faces with cyber censorship is what is going on in China. The government blocks many websit ...
- EU-US Privacy Shield Still Not Protecting Your Privacy: Still collecting bulk data, problems with the... EU-US Privacy Shield Still Not Protecting Your Privacy: Still collecting bulk data, problems with the judicial redress act, and no true protection for businesses
- Copyright and Social Media: This has become a gray area. Almost everyone is guilty of... Copyright and Social Media: This has become a gray area. Almost everyone is guilty of sharing something on social media, whether it be Facebook, Twitter, or Pinterest, that was copyrighted and not you ...
- How Your Devices are Tracking you and How to Stop it: Apple, Microsoft, and Android How Your Devices are Tracking you and How to Stop it: Apple, Microsoft, and Android
- Being Safe while Downloading Apps: With how many apps are downloaded it is always a... Being Safe while Downloading Apps: With how many apps are downloaded it is always a good idea to stay safe while downloading. You must take precautions, learn where to download, and do your research.
- Is Your Phone Keeping You up at Night? Our electronics tend to distract us from... Why Labor Unions Need Member Data System: Many large organizations – specifically labor unions – struggle trying to keep their member data updated and accessible. Without a centralized dat ...
- All About Browsers: With so many browsers out there including: Google Chrome, Mozilla Firefox, Opera,... Is Your Phone Keeping You up at Night? Our electronics tend to distract us from going to bed, disrupt our sleep with constant sounds, and hurt our health with their blue light.
- Mobile Sub-Site versus Responsive Web Design: In 2016, if your website is not mobile ready... All About Browsers: With so many browsers out there including: Google Chrome, Mozilla Firefox, Opera, and Safari, you may have a hard time choosing one. While all of them have their ups and downs you ...
- Do Not Track: Two members of congress filed a bill called the ‘Do Not Track... Mobile Sub-Site versus Responsive Web Design: In 2016, if your website is not mobile ready you need to change that today. Two main ways to make your site mobile is to either have a mobile sub-site or ...
- Website Tips for 2016: -Fresh Up to Date Modern Websites -Easy Navigation is Key -Website... Do Not Track: Two members of congress filed a bill called the ‘Do Not Track Online Act of 2015’
- Where Technology and Christmas Come Together: Check out some of the ways you can enjoy... Website Tips for 2016: -Fresh Up to Date Modern Websites -Easy Navigation is Key -Website Usability -Improve Your SEO -Social Media
- How to Stay Safe While Holiday Online Shopping: Learn where to shop online, how to... Where Technology and Christmas Come Together: Check out some of the ways you can enjoy the Christmas festive technology and how you can share some yourself.
- Newsletters in the Digital Age! In a digital age sending out electronic newsletters instead of... How to Stay Safe While Holiday Online Shopping: Learn where to shop online, how to be secure, and best practices to keep yourself safe.
- Safe Harbor Ruled Invalid, How it Affects You: The European Union and the Unites States... Newsletters in the Digital Age! In a digital age sending out electronic newsletters instead of paper newsletters has become much more popular. While deciding to do your newsletter does have its downsi ...
- The Internet Helps in a Crisis: Everyone has heard about the recent Paris Attacks on... Website Do's And Don'ts #infographic
- Advertising Online for your Business: Advertising your business online can boost your sales and website... The Internet Helps in a Crisis: Everyone has heard about the recent Paris Attacks on November 13th many dead, wounded, or stranded. Many companies have made use of the Internet in a time of crisis to ...
- Using Analytics for Your Business: Analytics is data analysis that usual involves taking past data... Advertising Online for your Business: Advertising your business online can boost your sales and website traffic if done the correct way. There are many different ways and places to advertise online
- The NSA and Online Privacy: Many studies, cases, and documents show that the NSA is... Using Analytics for Your Business: Analytics is data analysis that usual involves taking past data to find trends and effects or decisions or events. It can also compare old data with new data using a ...
- BrandiGirlBlog published this great chart of color and size conversions between inches and pixels, etc.... The NSA and Online Privacy: Many studies, cases, and documents show that the NSA is spying on American citizens using online surveillance. As an American, this invades our Freedom of Speech and our Ri ...
- Google Event, the Good and Bad: Google held their press event on Tuesday, September 19th... Learn About Scam Emails: Scam emails are a very popular and while most email services have a spam sorting feature built in, not all will be sorted properly. Scams can look like they came from a friend ...
- Prevent Malware on your Smartphone: Different malware includes adware, bug, spyware, Trojan horse, virus, and... Google Event, the Good and Bad: Google held their press event on Tuesday, September 19th in San Francisco announcing many new products such as the Nexus 6P and 5X, the new Chromecast 2, Chromecast Aud ...