Online security is a major issue and must be taken very seriously. The recent security breach that happened to GoDaddy is a reason to run a safety check on our website and online platforms, as well as review our safety protocols. It was a pretty big deal, as it exposed over a million users’ websites and email accounts. Even if this isn’t your hosting company, it can still affect you, as hackers might be using familiar emails in their phishing attempts. Especially when you consider that they were totally unaware for two months!
We tend to think this type of thing only happens to others (who’s going to be interested in my small little website?), but it happens every day. In fact, we’ve seen it happen to multiple promo suppliers, and it might have happened to you as well!
Keeping your online properties safe is one of the most important things you can do to protect yourself and your business. Having your website content altered or just wiped out all of a sudden can cause a major headache and business interruption.
The good news is, there are a few things you can do that don’t involve that much technical know-how to keep your properties secure, especially your website.
1. Use strong passwords.
Your username and password are your first line of protection. Make sure you create long, strong passwords and change them on a regular basis. Don’t share your password with anyone, and be sure to use password managers such as LastPass to create unique passwords for each of your staff who need access.
2. Secure your login page.
Your login page can be especially vulnerable to brute force attacks, which are one of the most common ways hackers can gain access to your site through login attempts. Besides having a strong password, you can take your security even further by adding security features such as two-factor authentication, limiting the number of failed login attempts, and blocking certain IP addresses from accessing your login page
3. Keep a backup of your site on your computer.
Backups can be a life saver. Download a backup of your website before and after performing updates—every time. Even if your hosting company offers daily backups, having a clean version of your site is invaluable if there is a major issue, like what happened with GoDaddy. If your site were affected, you could go somewhere else and have your site up and running in no time.
4. Use secure hosting.
You can do everything possible to secure your WordPress site on your end, but as GoDaddy’s clients just found out, none of that will matter if your hosting environment isn’t secure. We recommend reputable hosting companies that specialize in WordPress and WooCommerce, such as SiteGround, the one we use for our websites, because of the added security measures and performance features.
5. Limit user access on your website.
If you do have multiple user accounts, you should limit the amount of access that each user has to the back end of your site. This will reduce the chance of any settings accidentally being changed.
6. Keep your WordPress core, themes and plugins up to date.
WordPress is constantly improving their security and functionality, you always want to make sure you’re running the latest versions. Same goes for themes and plugins—use only reputable providers.
7. Install an SSL certificate on your site.
Even though this has been a requirement for a few years now, there are still some distributor websites without SSL certificates. The purpose is to encrypt your user’s connection and secure any data transferred between the browser and server, as well as encrypt your admin data. Not having one can deter users from going to your website, as they will encounter an ugly warning, affecting your credibility.
8. Take precautions when accepting file uploads through your site.
As a distributor, you want to be able to accept file uploads for clients, but you want to make sure they are not uploaded directly to your website and that you have the ability to run them through malware before opening them.
Create Your Own Security Protocols
Security isn’t something that you can just do once. Hackers are getting more and more sophisticated, and one can never be too careful. It’s something that’s constantly evolving, and you need to regularly update your site’s security standards and conduct routine website safety checks if you want to stay protected.
This article was first published at Action Marketing. For more marketing articles, free webinars and guides specific to the promo business, visit the Resources section of ActionMarketingCo.com.
