Business websites continue to be attacked, costing owners both in time spent trying to fix them as well as in lost income.
In a recent speech, reported by the BBC, the intelligence agency’s chief has said that MI5 is battling astonishing levels of cyber-attacks on UK industry. Jonathan Evans warned internet vulnerabilities were being exploited by criminals.
Small business owners may think that this only applies to large companies – however it very much also applies to them as well, even if they just have a very simple site.
Depending on who manages your website will determine how threats are protected against. If you have a website manager then they will deal with this for you, however in many cases this may be the business owner themselves.
Below are some simple security tips you may want to consider for your own site – with websites and search engines being a primary source of new business, ensuring their operation is important.
1) Updating the website software. If you have a site run on a platform such as WordPress then there are regular security updates included with new versions. It’s important to install these when they become available, as they usually close loopholes in security that have been being exploited.
2) Passwords. The password used to access the website, both the backend hosting account and the content management system, needs to be robust. It will probably not need to be entered often, and can be stored on a secure computer for access anyway, so can be very long. Using this long password with a mixture of upper and lowercase as well as non alpha-numerical characters will increase the security.
3) Backups. If you are using WordPress or similar then you can easily export a backup file of your posts and updates. However this does not back up all of the site, so a more comprehensive backup solution would be beneficial, perhaps in addition to the normal posts backup. Utilities such as FileZilla will enable you download a copy of the entire site, including all the backend files. This makes it easy to upload and restore the site in case of any problems or hacks at a later date.
4) Testing & Monitoring. Whilst looking at the site yourself on a browser will give you information on whether it is working well, it won’t tell you about another type of hack – the search redirect hack. This is where the site is hacked so that when people find it on a search engine, they are redirected to another site by yours via hidden code.
One way to check for this is to try searching for pages on your site using search engines, click on the link and make sure it works. The other is to install monitoring software that gives you reports whenever any file on your website changes. This enables you to confirm that the file change is expected rather than being done by someone else.
You can also install analytic software to your site and monitor the level of hits coming from search engines – a sudden drop could signify problems with the site.
In addition, there are also services that will monitor your site and report if it is unavailable by email, so that you can check on the situation.
The great benefit of these points above is that they can be straightforward to set up, and will ensure that your website remains working and generating referrals for you 24/7.