If you’re thinking of building a website or updating it, one assumes content, the user experience, the call-to-actions and interactivity will be the main concerns. However, security should be viewed with equal importance – and here are nine things you can do to make sure you’re guarded against external forces.
Install Antivirus software
Protection from companies such as Bullguard, Norton and McAfee can help protect your hardware and software, limit access to social media accounts and emails, and also block identity theft and malware attempts. No anti-virus software is perfect by any means, but it’s a good first step.
Firewalls are designed to stop unauthorised people from accessing your devices, and therefore restrict malware. Again, these are not perfect, but they’re certainly advancing and in the future could utilise AI to assess what is ‘normal’ behaviour from users – and raise the alarm if there are any deviations.
Keeping software up to date
Creativebloq.com states that keeping software up-to-date is vital in keeping the site secure, which applies equally to the server operating system and any appropriate software. It also confers a responsibility on you to keep it updated, by installing security patches as and when prompted to do so.
Hyper Text Transfer Protocol Secure is the more secure version of HTTP, and ensures that communications between the browser and website are encrypted. It’s easy to enable by buying a certificate and installing it, and many platforms such as WordPress and Wix offer HTTPS as standard – so make sure it’s set up.
If you haven’t yet built the site, or found a host for it, you should at least consider a virtual host that not only provides the size (RAM, disk size etc.) to accommodate your project, but also the security and support that you need as part of a management package. Go for a company that can assist on a 24/7 basis, and provides free SSL security. If the site is up and running, consider migrating to different hosts.
It doesn’t take long to keep an eye on the latest technology news, and be aware of the latest scams and hacks that rogues are attempting. If you know about them, then you can defend against them – a quick search and monitoring sites such as The Verge and BBC Technology will help you uncover the latest defenses.
An obvious one, but sometimes neglected. Regularly changing your passwords and using different cases and numbers can help, while even better methods include the sue of password generators (such as SHA1) and ‘salting’ the password – a method of using random data which is inputted into the password to ‘hash’ it and add an extra level of hacking difficulty. And also
How many people know that password? What levels of security exist in your company, and how easy is it to access the files where passwords may be stored? The fewer the number who have access the better; limit the number of password guesses and make sure that no-one ever emails passwords. These measures might also apply to your family!
Be wary with how much interaction you allow website users, as file uploads can actually become a big security risk. Even changing an avatar on your website via an upload form can allow an entry point for hackers using PHP code for nefarious means. Renaming the file on upload to check the file extension or changing file permissions are two simple ways to fix this potential problem.