Security is Not Just For Corporations and the Government
This original post from January of 2015 was updated on November 6th, 2017.
2017 was a record year for hacks, and Internet cybersecurity specialists are working overtime after high-level breaches at Equifax, Gmail, Deloitte and Verizon. It seems to be a constant stream of hacks and data breaches, and it can be overwhelming!
Ransomware is another tricky hack. If you’re not sure what ransomware is, let me explain: the hackers gain access to a file, and you receive a message that looks very legitimate, but it is a warning that all your computer files will be encrypted by the malware creator unless you pay up, in Bitcoin, within a short period of time. It is a terrifying thought, especially if you haven’t got a system of redundant backups and offsite storage of critical files, applications, and information stored on your computer.
All of this bad news can breed complacency from the sheer weight of it. People just feel so overwhelmed, so helpless, that when the news breaks about another hack, or malware, or data breach they just shrug and think, “what can I do?”
Passwords and Two-Factor Authentication
There are some steps you can take to prevent some types of attacks, and mitigate the damage of others. The importance of strong passwords and two-factor authentication cannot be overlooked. Most people do not opt for two-factor authentication (you must enter a code sent to your phone via SMS or voicemail in addition to your username and password) because it takes a little bit more time. Investigate a password manager service, or devise a system of your own. Unique passwords are important, but it’s a lot to manage without a good system in place.
I am amazed at how open some people are with their access to passwords and accounts. You really need to re-think who should have access to your data and why. Sharing WiFi with your neighbor, or doing online banking at the local coffee shop, are simply bad ideas. You have just opened your private data to the world and invited hackers in to sit down and stay awhile, take a look around! Anything else I can get you? Set limits on the users of your blog: if they’re Contributors, do not give them Admin rights. It will protect them as much as it protects you and your site. Consider blocking or banning users from your social media sites who are known trolls, spammers, or otherwise unfriendly agents.
Back Up, already!
I’ve written a post about this before, “What’s Your Plan B?” And yet, I still encounter clients who “don’t have the time or money” to invest in a solid backup system. Please read this piece if you have not already done so and make it your New Year’s Resolution to create redundancies for your data.
Be sure to keep your operating systems, WordPress versions, Squarespace versions, Shopify versions and WP Plugins updated. Many times these updates include important security safeguards. If you are too busy to do this, it is best to hire someone to manage your site. A website left alone for long periods of time becomes more vulnerable with each passing day. And if you don’t know what you’re looking for, you may not even be aware that hackers have filled your comment section with spam and loaded malicious code on the backend.
1. Strong Passwords
2. Two-Factor Authentication
3. Limit Access
4. Regularly Scheduled Backups on an external hard drive
5. Updates to OS and CMS platforms & Plugins
These are just a few of the security basics to start with. The key is vigilance and consistency. Pay attention, be suspicious, and look out for anything that seems “phishy”; it most likely is not legit! Contact a professional webmaster or developer if you think your site is at risk, or you need support beefing up security at home or for your business.