If you’re like most small business owners your online security efforts are focused on protecting your networks and data. Those are important to protect but don’t forget about your company’s website. Hackers will target small business websites because they’re often overlooked by business owners and are considered easy targets.
Hackers will target your small business website for a variety of malicious applications, including the installation of malware that will allow them to do the following:
- Capture personal information and passwords from site visitors
- Steal employee and company information
- Relay spam messages
- Redirect online visitors to different sites
Regardless of the specific attack and its results, dealing with hackers is a hassle you’re better off trying to avoid. Don’t fall into the trap of thinking your business is too small for a hacker to attack. As we mentioned earlier more and more hackers are targeting small businesses because they’re considered easy targets. In general, small businesses don’t have the budgets to invest in dedicated IT security teams or sophisticated security software and devices.
Securing Your Site
Some of the basic steps you take to secure your network can similarly help reduce the risk of your company’s website being attacked.
For instance, requiring the use of strong passwords is critical in protecting the website’s administrative sections from unauthorized access and alteration. This will help reduce the risk of someone using a known vulnerability to access your site with an easily guessed password.
It’s also a good idea to ask your web hosting company about its security precautions. For example, your hosting provider should include malware and anti-virus scanning, as well as PCI-compliant card shopping cart software.
You should also make sure your provider offers secure sockets layer (SSL) certificates that encrypt traffic between your users and your website platform. While essential for online commerce, it’s also important protection for sites that are only collecting information via web forms. Customers who see a secure connection are more likely to trust, and share information, with your business.
Protecting WordPress Sites
If you’re running one of the many small businesses that uses WordPress for its main site, there are a number of steps you can take to protect your site.
For starters, delete the default ‘admin’ log-in for site administration. A number of hacker exploits have been developed using the admin log-in as a starting point. Instead, assign specific login credentials for any authorized site administrator.
You should also:
- Update your WordPress software and site plug-ins routinely. Hackers often target outdated systems for the attack.
- Install Captcha plug-ins that require site users to check an “I am not a robot” box. This reduces the risk of your site being targeted with automated attacks.
- Use security plug-ins that help protect your site against spam comments and malicious software.
Regardless of how or where your site is hosted, it’s vital to back up its content on a consistent basis. Your hosting provider will likely back up your site regularly, but it’s a good idea to download a backup copy to a local server for additional protection.
Don’t ever think your business is too small to be attacked by hackers. Take the steps you need to not only protect your networks and data but also your website.