Four simple steps to protect your website

Until recently, for many smaller businesses, their website was purely a shop window with few, if any, transactions done through it. However, thanks to social distancing measures it has now become the primary means of business for almost every company. Ensuring your website is not vulnerable to hackers and other criminals is therefore more important now than ever. The crippling reputational and financial cost of a cyberattack can put a small company out of business.

Research shows that hackers are stealing 75 data records from businesses every second. Common ways that online criminals target websites include compromising administrator accounts by “cracking” poor quality passwords or intercepting and even altering communications between the website and a visitor’s browser. In other cases, cyber-criminals can flood the website with spam connections (known as a “DDoS” attack) or exploit vulnerabilities in older versions of website platforms.

While some elements of website security are extremely complex and require specialist knowledge, there are many ways you can protect your site yourself. By taking these 4 simple security precautions, you can drastically reduce the chances that your website will be damaged or compromised by online criminals.

1. Choose strong passwords

Over 80% of cyberattacks on companies are related to passwords. Weak passwords make administrator accounts more vulnerable to hacking. Using password dictionaries to choose long passwords that are too long and complex for criminals to guess or “crack”, but are easy for you to remember, will help you protect your data. It’s advisable to include a combination of uppercase and lowercase letters, numbers and special characters. However, personal clues such as birthdates, even written out of sequence, are best avoided.

It’s also important to create a unique password for each account or app you have and to change all of them quarterly, at least. This means that the whole of your website will not be compromised if one account is hacked.

2. Install an SSL certificate

Have you noticed how some websites begin with HTTP:// while others begin with HTTPS://? The “S” stands for “secure” and it means the website has an SSL certificate installed, so communications between the website and a visitor’s browser are encrypted. This makes it very difficult for online criminals to intercept or alter them. Installing an SSL certificate for your website will also improve its Search Engine Optimisation results.

3. Pay special attention to anti-DDoS features

Distributed Denial of Service (DDoS) is a type of cyberthreat that has grown rapidly over the past few years. DDoS attacks deploy a range of different methods such as botnet exploitation to overwhelm a website and make it crash. These attacks are happening every 60 seconds. Reputable website providers always offer some form of DDoS protection and these services are well worth considering. Some providers like OVHcloud even offer anti-DDoS Protection as standard.

4. Keep your website platform up to date

There are other common threats that can be easily avoided by simply keeping all your platforms and software up-to-date Don’t ignore those update emails and do regularly check your platform providers websites for update patches. Those patches will help improve your website’s performance and will also fix all known vulnerabilities  - what’s more, they’re free.

Putting these four simple security precautions in place will help you keep your website protected and ultimately give you some much needed peace of mind.