The Internet is an ever-increasing part of life. It seems like every day a new web-based service designed to enhance our lives is announced. We have become a connected people virtually unable to live life without the web. Protecting your personal information and the information available on your website becomes more important, but not as difficult as most people might think.
Securing your website — personal or business — is a matter of covering the first points of entry from a would-be hacker. It’s important to first understand that it would be impractical, perhaps even impossible to create and maintain a perfect, all-encompassing security system. What we will be concerned with in this article is security practices that protect privacy, integrity, and availability.
While many people may believe that the chance of their site being hacked is low, the truth is it happens more often than you think. You can minimize the opportunity for embarrassment and loss of private information (and possibly lost revenues) by understanding the possible areas of vulnerability and developing security practices to address them.
Use Strong and Secure Passwords
I’m continually amazed when I see someone using the default password to access any online account. Many potential security problems can be avoided through the use of strong passwords. Create a strong password by first avoiding the use of any names, dates, and phone numbers. Best of all, avoid using words in general from any language and avoid short passwords. Strong passwords are a mixture of at least six alpha-numeric characters with upper and lower case.
Solid Content Management System
The heart of many websites today is the software that provides the ability to easily manage everything. Commonly referred to as a Content Management System (CMS), this software can be a gateway to hackers and open the door to information you would rather not fall into the hands of a mischievous individual. All CMS are not created equally; open source (free) software systems like WordPress and Joomla have long histories of vulnerabilities. And while even the best CMS can have flaws, the profit motive from paid software solutions to minimize threats often result in lower incidences.
Keep Strong Malware Software
Any computer that has access to your website should be protected against not only viruses, but any type of malicious software. No amount of website security is going to prevent an infected computer uploading malware to your website.
Where you host your website matters. If your website is the source of your livelihood, you should seriously look beyond a shared hosting environment. If your website resides on a server that hosts other sites than your own, that server can be compromised in a number of ways. So, even if you are doing everything correctly, your website can be potentially corrupted. Moreover, a reputable and reliable hosting company should be involved and they should be able to tell you what security precautions they take.
One of the simplest ways to stay ahead of malicious intent is to ensure that your operating system, anti-virus platform, and your CMS is up to date. Software updates often include patches to security vulnerabilities and can make your system just tough enough that hackers won’t bother and move on to another website whose owner has neglected their updates.
Clearly, there is more to website and information security than the basics outlined here. An exhaustive article would include injection threats, cross-site scripting (XSS), backups, redundancy, data encryption, and personnel security. This is simply a starting point that will hopefully defend against the low-level threats that are easily manageable. The most important point to understand is that website threats are very real and ultimately, it is your responsibility to keep things in check. Knowledge is a key to success in any aspect of life. Just as a good diet and exercise plan will keep you healthy, a sensible security plan will limit your exposure to attacks and hopefully save you time, money, and embarrassment.