Frédéric is currently Director of Marketing Solutions for Colt Technology Services.
For many SMEs your website is one of your most valuable assets. In many cases it will be the first point of contact for many people wishing to interact with your organisation, a touchstone for people wanting to find out information on your company and essentially your shop window for the world.
Protecting it is therefore very important and while the high-profile activities of hacker groups such as Lulzsec may seem far removed from your day-to-day operations there are still plenty of pieces of malevolent code out there that can seriously damage your website and reputation.
Added to this is the threat of Denial of Service attacks. A DoS attack is a dedicated attempt to disrupt a particular web service or site. While DoS attacks are less common than marauding viruses they can bring unforeseen downtime and business interruption. DoS attacks are orchestrated by hackers and usually favour e-commerce, gaming, government and content provision sites. Colt can provide security from DoS attacks by employing specialist solutions such as IP Guardian.
To start with here some best practice ways for keeping your website secure:
1. Back-up your site.Nowadays a company website is very much more of a dynamic entity, with news articles being added and products uploaded every week. Make sure you take the time to back up your website, with a copy taken via FTP or on to a secure server regularly. In the event of an attack, it’s much easier to reinstall a backed-up site than clean an existing one.
2. Keep your website software and CMS up-to-date. Very often the manufacturers of website creation software are fully aware of security flaws with their products and consequently do their best to address such issues very quickly. More often than not, it is non-updated software that has caused the problem so be sure to update when asked!
3. Monitor comments and check for humans. Websites can often be attacked through poorly regulated comment functionality. Make sure that you’re able to verify that anyone posting to your site is a real human and not a malicious piece of code. You can do this by using verification software such as reCaptcha.
4. Unique usernames and passwords. This may seem obvious, but it’s quite a simple thing to make sure an Admin level user on your site doesn’t have the name ‘Admin’. The more complex your user name and password combination is the better, the more regularly these are changed, the better.
5. Separate personal data from your web-server. Database driven websites can be very useful when it comes to storing personal data collected from people on your site, however if your site is hacked, it exposes that data. Make sure you have a method of backing-up this personal data and if possible remove it from the web-server to an offline secure location.
6. Protect your own site from the threat of DoS attacks. Make sure your sensitive data is held in a secure data centre. If a threat is detected Colt can deviate your traffic, clean it your network and make sure that only the traffic you want is reaching your site and uptime is maintained.
If you’d like more information on website security then why not contact us?
No comments on 'How secure is your website?' Be the first to comment