A little bit of insurance advice for websites.
So you’ve spent a couple thousand dollars on a really nice website with all the bells and whistles, your organization has put in dozens of hours tweaking it to be just right but what have you done to protect your website from hackers? Just like with a vehicle or your other belongings, you need a plan to keep your investment safe.
Step 1 – Make daily/nightly backups.
Automatic backups may already be available from your website hosting company, or you may need a third party program to do this for you. In our experience, some web hosts can restore your files from a certain point; some for a fee, some for free. Check with them to see what’s available and what the restore process is BEFORE you have website issues. If your host doesn’t offer anything, look for a reliable third party program or have your web developers do this for you. We include a full offsite backup service for every website we manage here at Appletree.
Step 2 – Keep your plugins and files updated.
Some website content management systems will alert you when updates are available, some do not. When a website update becomes available, run it. We’ve talked over and over about how non-updated sites have wreaked havoc on organizations from information leaks to election hacks. Set aside time on your calendar to run updates, maybe check for them every morning during that first cup of coffee. Or sign up for an affordable maintenance package with a professional web firm.
Step 3 – Run security programs.
If you’re on WordPress there are several security plugins available. Most are free, but some offer premium services for a charge. We recommend Wordfence. But again, if you don’t keep your security plugins updated, it can’t keep you safe from new vulnerabilities.
Step 4 – Watch for signs of website issues.
If your website is broadcasting “Error connecting to database” or general “Error” messages there may be something going on behind the scenes. Perhaps your website is running slower than normal. It may be time to call in a website professional to take a look at website logs from the back end. Brute force login attacks sometimes go undetected until they kick in the door or a website professional spots them in a log and bolts the door shut.
Step 5 – Choose a good website host.
Shared website hosting is the cheapest hosting out there, but sometimes it’s like living in an old apartment building with a fire in one apartment. If one site gets hacked, all sites are now vulnerable. Read the reviews on your webhost, check their Twitter and Facebook accounts for real user comments. Cloud hosting has been all the talk over the last couple of years, but with the latest “cloudbleed” blunder even cloud hosting is being questioned. Dedicated website hosting is a little more expensive, but depending on the type of information you’re storing about your users, its likely worth the cost.
Step 6 – Keep an eye on who has access.
Limit not only the user accounts that have access your website, but also the programs that interact with your website. Apps that allow remote access to your website are easy targets for website hacking. These API programs allow for other programs such as social media to add content to your website. Unfortunately, they seldom encrypt your stored website login and password. This open door gets ignored by most website security programs because you granted access on purpose.
Step 7 – Update your computer.
If you don’t keep your computer updated and always run antivirus software with updated virus definitions as well as a good spyware program and malware program then you’ve left the keys in the car to be stolen. If your computer has been compromised, a keystroke logger could be recording all of your passwords.
Step 8 – Don’t use the same password.
It may be easy and convenient to remember one password for everything. However, if that password gets compromised on one service, it can be used to access your other services. You’d be surprised how many website databases do not store passwords as encrypted. Lax industry standards like this may leave your password open to prying eyes without you ever being aware.
Step 9 – Don’t store your passwords in browsers.
Your internet browser seems so helpful when it offers to remember a website password for you, but those passwords are stored in your browser unencrypted and are easy to access if your computer itself is compromised. Use a program that encrypts passwords and stores them safely. We recommend LastPass. It also recalls those password for you when you visit a website but stores them behind the scenes in a fully secured, encrypted way.
Step 10 – Scan your computer periodically.
Schedule a morning or afternoon every week to scan your computer for viruses and malware. Since this can take upwards of an hour maybe let it run during your phone calls for that day. If your software finds something, clean it up and scan again until all scans come back clean.
Subscribe To Our E-Newsletter
The Great Phishing Scamdemic
Have you been noticing an abundance of suspicious looking emails flooding y…
Serious Risks to Consider When Socializing Distantly
In today’s crazy world of staying home instead of visiting friends, we’ve a…
Ten Tips on How to be Successful While Working From Home Dur
As a web developer of over 15 years, I’ve spent a lot of time working remot…
- Facebook Password Reset Scam!
- Why Is It Important To Know Who Owns Your Representative? One Example: Glass-Steagall
- Help Alexa and Siri Find Your Business During Voice Search
- Ways to Move Up in Search Engine Results
- Cat Tech Tips – Computer Updates
- Advertising Online for your Business
- Scam Emails
- Common Email Scams to Lookout For
- Writing for Your Clients and for Google
- Ransomware Attacks on Schools: 'Dirty, Rotten Scoundrels' Stop Online Learning It is a risky business out there, and the environment is really crazy.
- Attend this morning's zoom class or watch some old Muppets episodes? Hard call, but similar comedy 🤡👩💻
- Cloudflare Blames CenturyLink for Sunday's Internet Blackout Anyone have some internet issues today?
- How (and why) Zoom Fatigue is Messing with Your Mind - and How to Fix... There has been an unintended side effect of all this time spent on video calls. It’s called Zoom burnout, and it’s very real.
- How to tag on Instagram and why you should - GoDaddy Blog Curious what all the #hastags are about on #instagram? 📚📖 Read On:
- Happy February 14th. 😉 #ValentinesDay2020
- Easy to mix up I suppose...🤣🥞💻
#technology #TechnologyRocks #TechnologyTheseDays #technologynews #technologysolutions #technologyfail #technologyart #technologytrends #technologyr #TechnologyIsAwesome #technologysucks #technologyhatesme #technologyinnovation #technologytoenjoy #technologylover #technologyaddict #technologytuesday #technologywitch #technologyrules #technologytakeover #technologycompany #TechnologyforGood #technologyproblems #technologyeducation #TechnologyConsulting #technologyfree #technologyfacts #technologypark #technologyiscool #technologyjobs
- That's about as helpful as #AutoCorrect could ever be!
- Happy New Year! Now that the holidays are over...
#alexa #christmas2019 #newyears2019 #happynewyear #technology
- Chinese Government Holds Back Everyone’s Internet Freedom: A strong example of the problems this world... Chinese Government Holds Back Everyone’s Internet Freedom: A strong example of the problems this world faces with cyber censorship is what is going on in China. The government blocks many websites, searches, and software based on their content.
- EU-US Privacy Shield Still Not Protecting Your Privacy: Still collecting bulk data, problems with the... EU-US Privacy Shield Still Not Protecting Your Privacy: Still collecting bulk data, problems with the judicial redress act, and no true protection for businesses
- Copyright and Social Media: This has become a gray area. Almost everyone is guilty of... Copyright and Social Media: This has become a gray area. Almost everyone is guilty of sharing something on social media, whether it be Facebook, Twitter, or Pinterest, that was copyrighted and not yours to share. But what is fair to ...