A little bit of insurance advice for websites.
So you’ve spent a couple thousand dollars on a really nice website with all the bells and whistles, your organization has put in dozens of hours tweaking it to be just right but what have you done to protect your website from hackers? Just like with a vehicle or your other belongings, you need a plan to keep your investment safe.
Step 1 – Make daily/nightly backups.
Automatic backups may already be available from your website hosting company, or you may need a third party program to do this for you. In our experience, some web hosts can restore your files from a certain point; some for a fee, some for free. Check with them to see what’s available and what the restore process is BEFORE you have website issues. If your host doesn’t offer anything, look for a reliable third party program or have your web developers do this for you. We include a full offsite backup service for every website we manage here at Appletree.
Step 2 – Keep your plugins and files updated.
Some website content management systems will alert you when updates are available, some do not. When a website update becomes available, run it. We’ve talked over and over about how non-updated sites have wreaked havoc on organizations from information leaks to election hacks. Set aside time on your calendar to run updates, maybe check for them every morning during that first cup of coffee. Or sign up for an affordable maintenance package with a professional web firm.
Step 3 – Run security programs.
If you’re on WordPress there are several security plugins available. Most are free, but some offer premium services for a charge. We recommend Wordfence. But again, if you don’t keep your security plugins updated, it can’t keep you safe from new vulnerabilities.
Step 4 – Watch for signs of website issues.
If your website is broadcasting “Error connecting to database” or general “Error” messages there may be something going on behind the scenes. Perhaps your website is running slower than normal. It may be time to call in a website professional to take a look at website logs from the back end. Brute force login attacks sometimes go undetected until they kick in the door or a website professional spots them in a log and bolts the door shut.
Step 5 – Choose a good website host.
Shared website hosting is the cheapest hosting out there, but sometimes it’s like living in an old apartment building with a fire in one apartment. If one site gets hacked, all sites are now vulnerable. Read the reviews on your webhost, check their Twitter and Facebook accounts for real user comments. Cloud hosting has been all the talk over the last couple of years, but with the latest “cloudbleed” blunder even cloud hosting is being questioned. Dedicated website hosting is a little more expensive, but depending on the type of information you’re storing about your users, its likely worth the cost.
Step 6 – Keep an eye on who has access.
Limit not only the user accounts that have access your website, but also the programs that interact with your website. Apps that allow remote access to your website are easy targets for website hacking. These API programs allow for other programs such as social media to add content to your website. Unfortunately, they seldom encrypt your stored website login and password. This open door gets ignored by most website security programs because you granted access on purpose.
Step 7 – Update your computer.
If you don’t keep your computer updated and always run antivirus software with updated virus definitions as well as a good spyware program and malware program then you’ve left the keys in the car to be stolen. If your computer has been compromised, a keystroke logger could be recording all of your passwords.
Step 8 – Don’t use the same password.
It may be easy and convenient to remember one password for everything. However, if that password gets compromised on one service, it can be used to access your other services. You’d be surprised how many website databases do not store passwords as encrypted. Lax industry standards like this may leave your password open to prying eyes without you ever being aware.
Step 9 – Don’t store your passwords in browsers.
Your internet browser seems so helpful when it offers to remember a website password for you, but those passwords are stored in your browser unencrypted and are easy to access if your computer itself is compromised. Use a program that encrypts passwords and stores them safely. We recommend LastPass. It also recalls those password for you when you visit a website but stores them behind the scenes in a fully secured, encrypted way.
Step 10 – Scan your computer periodically.
Schedule a morning or afternoon every week to scan your computer for viruses and malware. Since this can take upwards of an hour maybe let it run during your phone calls for that day. If your software finds something, clean it up and scan again until all scans come back clean.
Subscribe To Our E-Newsletter
Everything You Need to Know About Your Google Business Listi
Google My Business is the tool that allows you to directly edit your busine…
Why You Need an SSL Certificate on Your Website
Have you ever visited a website and been greeted by a warning stating that…
Social Media After Death
As of this year, at least 2.34 billion people worldwide are social media us…
- Do I Need Alignable?
- Why Is It Important To Know Who Owns Your Representative? One Example: Glass-Steagall
- Facebook Password Reset Scam!
- Help Alexa and Siri Find Your Business During Voice Search
- What’s a Twitter Storm?
- UWUA – Utility Workers Union of America
- How to Survive a Joe Job
- Important Security Notification – Change Your LinkedIn Passwords!
- Social Media After Death
- Happy February 14th. 😉 #ValentinesDay2020
- SIM swapping is a scary form of phone number fraud. Here's how to detect it... Sim swapping is a way #hackers gain access to phone numbers, then online accounts. This CNET article talks everything you should know about sim swapping.
- Easy to mix up I suppose...🤣🥞💻
- Easy to mix up I suppose...🤣🥞💻
#technology #TechnologyRocks #TechnologyTheseDays #technologynews #technologysolutions #technologyfail #technologyart #technologytrends #technologyr #TechnologyIsAwesome #technologysucks #technologyhatesme #technologyinnovation #technologytoenjoy #technologylover #technologyaddict #technologytuesday #technologywitch #technologyrules #technologytakeover #technologycompany #TechnologyforGood #technologyproblems #technologyeducation #TechnologyConsulting #technologyfree #technologyfacts #technologypark #technologyiscool #technologyjobs
- Firefighters warn TikTok 'outlet challenge' could cause fire, serious injury A new social media challenge is catching the attention of firefighters. Beware of the TikTok 'outlet challenge'.
- FedEx warns of text message scams claiming to have package information #ScamAlert
Appletree MediaWorks, LLC
- Support for Windows 7 ends today. Upgrading your OS may not require a new device, & it is easy & affordable (the Linux OS is even free).
For more information on Microsoft ending support for Windows 7 and how to...
- That's about as helpful as #AutoCorrect could ever be!
- Happy New Year! Now that the holidays are over...
#alexa #christmas2019 #newyears2019 #happynewyear #technology
- 🎄 Is it Christmas already? 🎅
Merry Christmas and Happy New Year! Let's hope our New Year's resolutions last this time around..🤣
- What’s going on with TikTok, China, and the US government? #TikTok, a popular short-video sharing app, has found itself in the crosshairs of the #government. Remember, it's always best to know what an app does with your #data before you download it.
- The work of a future @google #analyst 😂 that is a crazy chart drafted up by a little helper here in the office 😁
- Chinese Government Holds Back Everyone’s Internet Freedom: A strong example of the problems this world... Chinese Government Holds Back Everyone’s Internet Freedom: A strong example of the problems this world faces with cyber censorship is what is going on in China. The government blocks many websites, searches, and software based on their content.
- EU-US Privacy Shield Still Not Protecting Your Privacy: Still collecting bulk data, problems with the... EU-US Privacy Shield Still Not Protecting Your Privacy: Still collecting bulk data, problems with the judicial redress act, and no true protection for businesses
- Copyright and Social Media: This has become a gray area. Almost everyone is guilty of... Copyright and Social Media: This has become a gray area. Almost everyone is guilty of sharing something on social media, whether it be Facebook, Twitter, or Pinterest, that was copyrighted and not yours to share. But what is fair to ...