4 Ways to Make Sure Your Website is Secure

Every few weeks, we hear about another company’s website getting cyber attacked, leaving thousands—if not millions—of consumers vulnerable to having their personal information compromised. If enormous companies like Facebook, MGM, and T-Mobile are susceptible to data breaches, how can local businesses expect to stay safe?

In reality, small businesses are more likely to get hacked than large corporations . These businesses potentially hold financial and personal information for thousands of customers but usually have less security than a large corporation. This makes small businesses the perfect target for hackers.

Keeping your website and customers’ information safe is more important than ever. Not only is it your responsibility as a business to keep personal info private, but it’s also how you’ll retain your customers and gain new ones. When it comes to ensuring your website is secure, here are 4 things your small business should be doing.

Create Strong Passwords

Your accounts are only as secure as your passwords. And if your passwords contain words or numbers that are easily identifiable with you—like a pet's name or a child's birthdate—then you risk putting your personal information, and that of your customers, in the hands of anyone who can figure out your password.

• Weak password: Passw0rd!
  
• Strong password: ke9W#v04CBm1@eU874p
  

Use a mix of letters, numbers and special characters— the longer, the better. And avoid strings of numbers or letters that can be easily guessed (asdfg or 123456). Here at Locallogy, we use a program called LastPass for all our passwords. Not only does it generate strong passwords, but it also helps us manage the hundreds of passwords we use on a daily basis and keeps them secure. LastPass even offers a free version for personal use.

Update ASAP

As soon as your website platform puts out a new update, implement it immediately. Just like any mobile app or phone hardware update, updates to your website platform help fix bugs and other minor issues that could potentially leave your site vulnerable to hackers. So as soon as an update is available, be sure to download it immediately.

Many of our clients use the Duda platform, which has the advantage of automatically taking care of all updates immediately—unlike most content management systems (like WordPress). This means one less thing for you to worry about, plus extra security.

Add Two-Factor Authentication

If any part of your website requires customers to input their credit card information, we suggest adding a two-factor authentication system when they log in. This added layer of security is an extra precautionary measure that forces users to go through a multi-step process when signing into an account. This could come in several forms:

• Security question and answer
  
• Texting a code to the number associated with an account
  
• Sending an email with a confirmation link to an associated email
  

These additional security measures make it harder for cybercriminals to hack into accounts because there’s a more complicated code to crack than just a username and password. And while it’s another step in the login process that some deem annoying, it will make customer information much more secure.

Upgrade to an HTTPS Server

Think of your website’s server as the foundation of a house: a low-quality foundation will lead to an unstable house. Similarly, a secure server is a must if you want to protect all the information that is entered through your website. In fact, Google warns users when they're about to enter an unsecured site. You've likely seen the warning page, with a message that reads "Your connection is not private."

We use a secure cloud-based network for all our clients’ websites, ensuring full protection. Even before Google started enforcing server security, we migrated all our clients to an HTTPS network to provide better security and site optimization to our clients. As a consumer, you should be skeptical of visiting websites that don’t have an HTTPS web address, just as customers will be skeptical if you don’t have one.

Hack the Hackers

If your company does experience some sort of data breach, the best strategy is to be completely transparent with your customers. Tell them immediately what happened, what information was taken and how you are handling it. If you’re open about things from the start and work hard to resolve the issue, you’re more likely to gain back the trust of consumers.

However, using these strategies should help you avoid a breach in your website’s security in the first place. And for small businesses, every precautionary step you can take in securing your website is a necessary one.