Two Basic Security Measures Every Small Business Owner Should Check Are Properly Functioning On Their Website

As we enter the home-stretch of an election year, it is really important for business owners to take some precautionary security steps to ensure their websites are protected from the increase in hacker activities.  I see it on a daily basis, people from around the world, trying to gain access to unsuspecting websites, hoping to either use it as a shield to hide behind either to do other unethical tasks on a bigger scale or to simply hold your website hostage, asking you pay a ransom.  This article is designed to provide you with a quick checklist of two key items that you should check for, or discuss with your web provider, to ensure your small business is protected from these cyber thieves.

1. Check To See That Your SSL Certificate is Active
   

   An SSL Certificate is a layer of encrypted security that is added to the server environment putting a layer of security between your website files and the world-wide-web.  When active and installed properly, a little lock should show before your website address in the browser address bar. If there is no lock, there is one of two problems:

   1) You are missing an SSL.
   2) An SSL may be present, but it has been installed incorrectly.

   In either case, the solution for this starts with your web hosting provider.  If you are missing an SSL, you can purchase one through them.  If you already have one, then ask them why your SSL is not displaying a lock in the web browser.  It may be something they will help you with, or they may direct you to your web developer to resolve.  I know with WordPress extra steps have to be taken for the files to see the SSL on the server, so it may mean just a few minor adjustments to your core files to resolve.

2. Make Sure You Have an Off-Server Recovery File for Your Website
   Most websites are hosted on shared server environments, meaning you and several other people have their web files stored on the same computer connected to the internet.  Like your neighborhood, most servers have programs that watch the neighborhood for potential threats (like Police); but just like in our communities, it is up to each person on the block to do their part in both securing their property (hosted files) as well as reporting a potential crime the community manager (the hosting company) to keep things healthy.Now, part of your server program does include creating a back-up of the server files on a daily basis, but this back-up is primarily for recovery purposes of the hosting company themselves, in the event their hardware would fail.  These files are also stored on the server, so if a hacker gains access to the neighborhood, they gain access to all files – including the backup files – stored on the server.  For this reason, it is recommended that you download and keep a regularly updated version of your website files off-server for safekeeping so that you can take these files and quickly move to another server if needed and restore your online presence without needing to pay any kind of ransom to restore your website.  To protect yourself, you can check with your Hosting Company on how to download a recent copy of your archive files.  You can also check with your web developer to ensure this is managed for you on a regular basis.

Rest assured, if you are a client of GSG and part of our Maintenance Program, both of these steps, and a few more, are managed for you on a regular basis.  If you are not a member of our Maintenance Program we recommend you reach out to your developer for the options they may provide, as Maintenance Support is often a separate service from that of the actual site development.

How to Avoid Paying Federal or State Fines

If a hacker gains access to your site, your business (not the hosting company or your web developer) could be responsible for Federal and/or State fines, both of which could be really hard for most small businesses to swallow.  Right now, even more so during an election year, hackers work hard to control the airwaves and spread lies about the candidates.  The best thing you can do now is to ensure your space is protected and you’re doing your part to be part of the solution.

We are a stronger community together, so if you find this helpful, please share this article with other small business owners you know so we can keep our web community healthy and strong!

Until next time, “protect the web!”