Cyber security comes up frequently with potential clients who want a “website that is secure.” In truth, the vast majority of business websites require little to no security, at least from a development standpoint. A basic “brochure” or informational website contains very few ways to be breached and is, on its own, quite secure and stable.
What changes that dynamic is interactivity. The more your website interacts with you or your customers directly, the greater the chances of security breaches. Cyber security concerns at this level can be critical to maintaining the integrity of your website and relationships with customers.
Internet security literally takes up entire course loads for computer science majors and there is enough information on it to fill dozens of volumes of text books. Fortunately, for most basic websites, cyber security is straightforward and fairly easy to address. Here are five areas of concern.
All hosting providers have intensely scrutinized cyber security plans in place. Remember it is not just your website they are hosting. They must take into account a range of website types and security issues. We work closely with our host to not only make sure they are doing all they can to mitigate security concerns, but to continually keep our own server integrity healthy through firewalls and other cyber security measures.
Any website that has monetary transactions should have a Secure Socket Layer (SSL) certificate in place. This protects all transmissions between with encryption. Basically, it takes a customer’s credit card information, scrambles it into a nearly indecipherable code, and re-assembles it when needed. But, even if you don’t, SSL is a good precaution for virtually any website that interacts with its customers. If you login to your website to make changes through WordPress, for example, or if your customers login, and SSL certificate can be a way to protect not just your information, but the integrity of your website software.
Safe Code and Software Security
Whenever we build a website, security is a concern, particularly when working with any kind of content management system or e-commerce system. Not only do we make recommendations to customers on how they should approach their builds, but we also work with our host on server software to protect against potential vulnerabilities. We also use tracking and firewall protection on the websites themselves. Most importantly, we discuss cyber security concerns with clients and give them suggestions on how they too can be involved in protecting their websites. For example…
Believe it or not, one of the simplest ways to keep your website secure is to employ complex passwords. We actually have discussed this and it is critically important. It used to be that you could use something as simple as the name of a family pet. But, hackers are substantially more sophisticated and there are algorithms that can figure out virtually any common password. As a result, we HIGHLY recommend complicated passwords. Good rule of thumb:
- No fewer than 12 characters
- Upper and lowercase letters
- Other characters or punctuation
- Completely random
Another thing you can do for yourself it protect your passwords and usernames internally. Don’t share them with anyone and keep them stored securely. Password storage services like LastPass.com are extremely helpful and thousands of times more secure than a Post-It note on your computer monitor (we see you).
Unlike massive online networks, you don’t need to employ a team of cyber security experts to protect your website, but you absolutely should do what you can to mitigate your risks. Contact us for more information on how we can help.