In the past month a number of high profile organisations have had their websites hacked or customer data systems compromised. In early April the customer email database of Dell (and several other companies) was exposed when email services provider Epsilon’s systems were breached. Not longer after that Monash University’s homepage was hacked, and now we hear that the account details – including credit card numbers – of more than 70 million of Sony’s PlayStation Network members have been accessed by “malicious forces”.
These are all large organisations with massive resources at their disposal and – we would assume – serious security regimes.
The lesson? If they can be compromised then so can you.
Here are some extremely simple things you can do to lessen the risk…
Use strong passwords
You’ve heard this before but I’ll say it again: the easiest way for someone to access your website (or email or Facebook or…) is by guessing your password. Studies have shown that lots of people use ridiculously guessable passwords (with 12345 and 12456789 the most common, followed closely by people’s names). If your content management system’s password is one of these log in and change it now.
Keep passwords safe and and don’t save them on devices others can access
If you’re using a laptop, iPhone or mobile device to log in to things like your website admin area and you lose it will the next person who picks it up be able to log in? Be careful about getting your browser to save passwords unless you’re sure no-one else will be able to use them. (If saving passwords in your browser is important consider password protecting your entire computer or phone instead).
Keep software and content systems up to date
Most website hacks come about because of old, unsecure versions of software. If a potential security hole is found in content system software – like WordPress – an update is released. To be safe from hackers it’s important that your site runs the latest version of software. We offer extended warranties or maintenance agreements for our customers that will see us update WordPress when updates come out for a very reasonable fee. It may seem like a a pain or an extra cost to make sure this is done but this is the reality of the internet and compared to the alternative…
Make sure your website is with a good web host
A good host will
- make sure their server is secure and has the latest security patches
- keep regular backups of your site
It’s not something web hosts like to talk about but no matter how good your host is it is still possible that your site could be compromised. If someone gets your content system login details, for example, or an evil hacker works out a new way to exploit a commonly used website or hosting software that happens to be running on your site and tells all their evil hacker friends.
A good host means will be able to deal with issues quickly, restore a recent backup of your site, keep you posted and give you advice.
Feel free to contact us if you’d like to discuss any of the above.