The internet has given voices to many and connected consumers with businesses across the world. Like with any good thing, unfortunately there’s a small percentage of people who try to ruin it for everyone. Yes – we’re talking about hackers.
Hackers are a unique bunch who may not have fallen into a criminal life had the web not existed. They are tech-savvy and hide behind a computer screen. One of their favorite groups to victimize are small businesses, who tend to skip website security.
So, how can a small business arm their website against hackers? By getting informed and taking the right measures to secure their website.
How do hackers.. Hack?
A hacker’s top priority is to get your username and password. Once they have that, they can access your website, information on your users, and even your accounts on other websites if you use the same log-in credentials.
Hackers have developed various ways to automate their efforts. This is why it’s important not to question, “Why would they waste their time on my website?”
One small group, or a single hacker, can cause widespread damage with little effort. They cast as many lines out as possible and see which website they can get a bite from.
Brute force attacks.
These programs generate combinations of letters and numbers in an attempt to guess your password. Through trial and error, they hope that eventually one combination will work. This is why on occasion you will try to login to your account and find you’ve been locked out already because of excessive login attempts.
Programs that log your keystrokes will record each character you type and provide them to the hacker. This particularly creepy tactic will give the hacker everything they need to login to your accounts and even steal your identity.
Viruses copy themselves until they crash your website or wipe out everything on your computer’s hard drive.
Remote administration tool (R.A.T.).
Logging into a public wi-fi hotspot at an airport, coffee shop, etc. exposes your computer to hackers who can see your information. These free networks are usually unencrypted and vulnerable to any hacker in range.
One of the most common hacking methods, SQL injection, is simple for hackers to perform. By submitting a few snippets of code to your login page, they can gain access to your website and infect your computer with malware.
What can you do to stop them?
Don’t log into your accounts from insecure locations.
This will ensure you don’t expose yourself to remote administration tools. If you must login via remote locations, stay on HTTPS websites (this includes both the login page and page the form is submitted to). Hackers will only be able to view encrypted information.
Be smart about passwords.
This may seem like a no-brainer, but too people use the same, simple password for multiple websites. We know, it can be a hassle to forget your password and have to recover it by email for each account.
LastPass is a completely free password manager available in the Google Chrome web store. You only need to remember your LastPass master password and all other usernames and passwords can be saved to automatically fill in.
Using the same pass for multiple accounts is a big no-no! Download FREE @LastPass for quick log-ins.” #websecurity #freebie@osc_webdesign
Get SSL on your website.
All of the internet’s information travels back and forth in a language called HTTP (hypertext transfer protocol). This language is unprotected by itself and susceptible to hackers.
By adding a technology called SSL (secure sockets layer) this language will become encrypted. These encryptions will be impossible to discern unless you have the correct encryption key.
SSL is what adds the ‘S’ to HTTPS. The ‘S’ stands for secure. You can purchase SSL for your website or get it included through a website security package (like ours ).
Start using two factor authentication.
Two factor authentication protects you against brute force attacks and serves as an extra layer of security. With this, you verify your login information through another source such as a text to your cell phone or an email.
Scan your website often and fix problems.
Scanning your website for malicious code, malware, and spam is crucial for protecting your website. Regardless of how pristinely written your code is, hackers are pros at finding a way to get in. All issues should be fixed immediately before they can cause any (or more) damage.
Recommended frequency: Daily
Carefully select plugins and update them regularly.
When adding plugins to your website, be sure check that they have positive reviews. That being said, a safe plugin has the possibility to be compromised in the future.
Plugin experts roll out updates that will increase security and fix bugs so that your website is safe from hackers. Be sure to take advantage of these updates!
Recommended frequency: Weekly
Proudly display your security badge.
While a security badge won’t technically stop hackers, it will send a clear message that your small business isn’t an easy target. A security badge also assures website visitors that they are safe to share their information with you.
The best way to keep your small business from becoming a victim is to take responsibility for your security. Taking a few extra steps and partnering with the website security good guys will keep you – and your website visitors – safe from the bad ones.