Posted on Aug 14, 2018

Boost Your Website Security With These 5 Steps

According to Business Insider, there were 14 known data breaches of major U.S. companies between January 2017 and April 2018. The list includes marquee corporations such as Whole Foods, Gamestop, Best Buy, Delta, and Sears.

How did a who’s who list of big-name companies fail to protect their data and that of their customers? They didn’t mind their website security. In all 14 cases, cyber thieves hacked into each corporation’s less-than-secure online payment system and subsequently stole their customers’ credit card and personal information.

Online data breaches like this are the kiss of death for a company’s reputation.

It’s been estimated that almost 20% of consumers will permanently stop making purchases with a retail company after a data breach. One-third of consumers say they won’t stop shopping forever after a breach, but they will avoid shopping with that company for an extended period of time. No matter what the financial losses end up being, they will be significant and long-lasting.

Despite how big an issue website security is and how simple it is to prevent, it’s remarkably common for international corporations, small to medium-size business owners, and individuals to skip the necessary steps to making their website secure.

If you’re a website owner, don’t overthink your website security. Start with the basics. Here are top five things you absolutely must do to protect your website, your personal information, and your customers from a data breach and other forms of cybertheft.

1. Install an SSL Certificate.

An SSL Certificate puts a Hypertext Transfer Protocol Secure (HTTPS) between your website and its visitors’ computers. Particularly for a business website, it is a critically important security measure to install.

This communication technology simultaneously encrypts and authenticates the data that’s being sent to and from your site and your visitors, keeping it completely confidential. As a result, outsiders aren’t able to track or steal your visitors’ information during the exchange. It also has the benefit of protecting the integrity of the data as it’s being received or sent from your site.

If your business website accepts customer’s credit card numbers and personal information, an SSL certificate can prevent cyber thieves from stealing it and ruining your business’ reputation.

An SSL certificate is more important than ever now that Google will flag any site without one as “not secure”. For iPage customers, we are offering a free basis SSL to prevent this from happening. Find out more about how the Google changes might affect your website, or how to enable free SSL if you have live website with a domain purchased through iPage.

2. Perform Updates on Schedule.

It’s happened to literally millions of website owners. You get an email notification about a software update or, if you’re running a WordPress-hosted site, a theme and plugin update. Instead of heeding the notification, you assume your web hosting company will perform this routine update and delete the email. A few months later, your site gets hacked. Your personal data, your customers’ data—it’s all been stolen by cyber thieves.

Though incredibly common, this kind of data breach is also entirely preventable. According to the world-renowned web security specialists at Sucuri Remediation Group, almost two-thirds of WordPress-hosted sites run on outdated themes, plugins, and software because website owners neglect their updates.

Delayed updates don’t just make your website glitchy. They leave gaping holes in its security through which hackers can enter. Stay on top of your updates, and your site will be impenetrable.

3. Use a Password Manager to Keep Logins Secure.

How do you keep your passwords safe? Are you depending on your web browser’s easy-to-use autofill function and/or reusing the same passwords over and over again? You wouldn’t be alone in this common but catastrophic mistake.

In January 2018, Wired reported findings from Princeton University’s Center for Information Technology Policy that auto-filling your login and password information leaves you susceptible to data tracking and collecting from third-party sites. If you reuse passwords for multiple logins, the script from these predatory third-party websites can lift your password and use them to access your profiles.

The quick solution isn’t to mix up all of your passwords and to write them down in a notebook somewhere. Password managers, like LastPass and 1Password, can generate a random password for each of your profiles and websites, store them for you, and keep them encrypted. Some of them also have two-step authentication, giving you an extra layer of security.

Another important note: limit the number of people who have access to your website and restrict administrative privileges to everyone except for a select few. The more people are able to access your site’s back door, the greater the chances are of a data breach. Even the most trustworthy employee can forget to log out, can reuse passwords, or do something to accidentally jeopardize your site’s security.

4. Backup Your Data Regularly.

Your web hosting company most likely backs up your site’s data on a regular schedule. For a business website, that may not be enough.

If your site goes down, gets hacked, or sees other major damage, then your backed up data will help you get it up again quickly. To maintain the utmost security on your website, get additional help from a backup application or a dedicated backup plugin. Though they may cost a little extra, they will store your website’s data and any related information. Try to install a plugin that performs backups at least once a week.

5. Don’t Store More Than One Website on the Same Server.

Many web hosting companies use only a single server location to store your backed up data. In the event of an emergency, such as a blackout or natural disaster, your data could get permanently lost. Make sure that your web hosting plan stores your information on cutting-edge servers and at more than one location.

Ironclad Website Security Starts With Your Web Hosting Plan.

As you build a website for your business, review these steps to increase its security. iPage takes the security of your website seriously. That’s why our web hosting plans include an enhanced security suite and 24/7 network monitoring. We backup your data on performance load balanced servers at two data center locations. Learn more about how we keep your website and its private data protected; visit our Help article repository for information about security.


Feature Image: Pixabay