Hackers threaten the security of all of us. Whether we’re talking about your mobile phone, your social media pages, or your website, you’re storing information online that would be valuable to hackers if they could access it. That means you’re a target, and you have to remain constantly vigilant against the latest techniques employed by hackers to compromise your data. That goes for you, us, and everybody else who relies on the internet to communicate or to do business.

You might not think you’re particularly at risk if you don’t run a high-profile website, but that isn’t how hackers work. They’re happy to access whatever they can, and take whatever they can find when they get in. To them, hacking is like playing a Nextgen slots on a casino website. They’ll try something, and if it doesn’t work, they’ll move on to the next target. It’s as simple a philosophy as re-spinning the reels of one of those online slots if you’re not happy with the result you got first time around. Keep doing it for long enough at an online slots website, and you’ll eventually land a jackpot. Keep doing it for long enough with websites, and you’ll eventually break into one. 

If what we’ve said so far makes you a little nervous, you probably should be. Hacking is big business – and we mean really big. By 2018, the total cost of cybercrime to businesses around the world had exceeded six hundred billion dollars. By now, it’s probably moved closer to one thousand billion, and it will continue to grow in the future. What can you do to protect yourself? We’re glad you asked. Here are five safety tips that every webmaster ought to follow. 

Enforce A Strong Password Policy

The best tips are usually the most basic ones. All the security software and vigilance in the world won’t save you if you or your employees are using weak passwords. Weak passwords can be hacked or even guessed more easily than you probably imagine. Malicious software tools that can break open a weak password using brute force have existed for more than ten years, and so you’re wide open to attack if your website’s password policy isn’t robust. Insist on a minimum of ten characters, and within those characters, a mix of higher and lower case letters, numbers, and special symbols. Also insist that they’re changed at least once every six months. 

Encrypt Every Sensitive Page

Strong passwords are only one aspect of a secure login process. The other aspect of that process – and probably the more important one – is to encrypt your login pages. Hackers have increasingly accepted that the majority of websites are secured with strong passwords, so targeting unencrypted login pages is their new preferred approach. We’re not just talking login pages either; any page where sensitive data is stored or entered should be protected with SSL encryption. That includes payment pages, where a customer’s debit or credit card information and personal data is entered. Even if a hacker or malicious third party somehow gains access to that page, the data will be useless to them so long as it’s encrypted, and they don’t have the key. 

Update All Your Software 

You should be familiar with the concept of a “patch.” Microsoft issue patches for Windows all the time, and every app on your phone will routinely download patches and updates. More often than not, the updates will be pushed to you because they contain vital security improvements. If you have automatic updates turned off, or you’re not manually updating software often enough, you’re potentially allowing hackers in through vulnerabilities in the software itself. To put it another way, you’re leaving your back door open and your alarm switched off because you haven’t maintained it. Any piece of software hosted on your website needs to be kept up to date as the latest version at all times. 

Delete Old Data

In the same way that some people are hoarders of old possessions and pieces of technology, some webmasters are hoarders of old data or disused web pages. They keep them on their servers even if they’re no longer listed or visible through the internet – and they can become a liability. Only store data that absolutely needs to be there for business purposes. If you have any old data that’s no longer useful but might need keeping, back it up onto an external hard drive and then disconnect the hard drive, so it isn’t connected to your network. If it isn’t online, nobody can gain access to it. 

Use High-Quality Web Hosting

Not all web hosting companies provide the same standard of service. If your hosting package is considerably cheaper than some of the other packages you considered before buying it, corners might have been cut when it comes to security. There’s nothing more frustrating and upsetting than being hacked not because of mistakes that you’ve made, but because of mistakes that your hosting company has made. Take the time to research any web hosting company you’re thinking of using. You need somebody who provides customer support facilities every hour of the day and night and undertakes the task of backing up your data to remote servers in the case of loss or theft. Your web host is your gatekeeper. Treat them as a priority, and be prepared to pay for the standard of service you require. 

Sadly, not even following all of the steps we’ve outlined above will keep you safe and secure. In the digital age, there’s no such thing as a safety guarantee on the internet. The skill and sophistication of hacking attacks will continue to progress, and all we can do in response is hope that the skill and sophistication of security software progress along with them. You can’t put yourself in a position where you’re 100% safe from the threat of cybercrime, but you can put yourself in a position where your most valuable data is hard to access, and deleted or lost data can be restored easily. Review your security and safety settings now, and take any and all corrective actions required. 

Categories: Blog