The start of a brand-new year is a great time to review your company’s policies and procedures. For many business owners, top of the list to analyse is website security. If you’re currently running through plans to bolster the security of your site in 2018, here are 5 crucial things to remember:
- Just because you’re a small business, it doesn’t mean your site won’t get hacked
Statistically, you may be less likely to be targeted by malicious parties than a large corporation or a business like a bank that collects sensitive financial information. However, this doesn’t mean that your site isn’t at risk from hackers. In fact, new research from a team at UC San Diego has found that 1% of all websites they tested had suffered a data breach, regardless of the size or reach of the website. From this, researchers estimate that tens of millions of websites could be breached every year.
Some hackers do it just for fun, to see if they can or to cause disruption and chaos, while others attempt to steal information – and all may see a small business as less likely to have robust security measures in place.
- Your employees could be the biggest risk to website security
This doesn’t mean that one or more of your employees is attempting to sabotage your website or business. It often comes down to a simple matter of carelessness with regards to cyber security and data protection. Unless properly trained and aware of company policy with regards to data and internet use, it’s easy for a careless employee to click a link in an email and open the door to hackers and viruses.
- A strong password is not always enough
If you have a strong password but use it across a range of different accounts and rarely think to change it, you could be putting your website and company at risk. Experts recommend using password vault software to develop different long-string passwords for each application or site, and to consider using two-factor authentication for extra protection.
- An SSL certificate is always worth it
Some companies think that because they don’t collect customer’s payment or credit card information, that they don’t need to shell out for an SSL/TLS certificate for their site. It would be a mistake not to take this very important step, because it broadcasts to customers that your site is safe to use. Crucially, it also protects data being transmitted from being interfered with or stolen.
- Take a closer look at plugins
Out-of-date website plugins can be one of the top causes of website hacks and attacks, simply because they contain security flaws and weaknesses that an update would usually fix. To find out more, take a look at our blog on the importance of updating plugins.
For more advice on keeping your site secure in 2018, contact our specialist hosting, security and maintenance team here at Ambos Digital.