We recently went over the worrying increase in cyber attacks and the real damage that they can do to small businesses. Here are a few simple steps you can take to drastically increase the security of your business.
Use secure passwords
The Risk: Weak passwords leave you more vulnerable than you’d think. Not only can hackers use tools to guess millions of passwords in a matter of seconds, in some cases they don’t have to guess at all. A hacker recently sold 33 million usernames and passwords stolen from Twitter. If those users use the same password for anything else, they allow hackers easy access. If someone got your password from one website that you use, what else could they use it to get into?
What you can do: Google recommends using at least 8 characters, including a mix of numbers and letters that is unique for each account. Many services also offer 2-step verification, requiring a code sent to your phone to log in.
The Risk: Building a website, or any piece of software, is like building a ship. It’s loads of small parts made into something big. However, such a complex structure only needs a tiny weakness for something you don’t want to get in. It only takes one person to find a tiny “leak” in a piece of software, and then the weak point is quickly shared (or sold) to many other hackers.
What you can do: Installing updates plugs any potential leaks before anyone has a chance to exploit them. Failing to install updates is akin to not changing the locks of your home when you know someone else has a key. Fortunately installing updates is very effective at keeping websites secure. It is worth keeping in mind that installing updates can also have a negative impact if carried out poorly as small changes to the software can have far reaching effects, so it’s always best to let a professional handle updates.
Install a DDoS mitigator
The Risk: A DDoS attack using a network of computers that have been hacked to flood a website with requests. The overload can bring a website’s servers (including emails) down for hours or days.
What you can do: A DDoS mitigator is a powerful form of digital protection that is attached to a server to soak up these kinds of attacks, meaning it stays online and continues to function normally. As a recent target of DDoS attacks, Alloy now offers hosting with Level 7 DDoS mitigation, the level of protection used by banks.
Regularly scan your website
The Risk: The point of a website is that people can visit it. Hopefully your website will acquire lots of visitors. This poses the risk that one of them does something nasty. Malware that is installed on your website can do all sorts of bad things, and the second something’s found by Google your site will completely disappear from search results.
What you can do: Using software to scan your website for malware on a daily basis is a very good idea. It will pick up any unwanted malware and viruses before they can do any further harm.
As in the real world, it’s just common sense to take reasonable steps to be secure. Nothing is completely invulnerable, and you don’t have to turn your website into a digital Fort Knox, but these are just a few of the simple steps you can take to help keep your business functioning normally.
If you have any concerns about the security of your website, or want to start taking these steps, get in touch with our online security team now.