Most Popular
Recently Added
Recently Updated

Web Site Security Recommendations - "Securing Your Online Business"

We've received a number of reports this year regarding clients' web sites being tampered with or exploited in a number of ways.

This is a worldwide epidemic, mostly due to clients not being given some basic education in regard to managing a secure online business.

I'll try some analogies below to better explain how to secure your online business, so please bear with me:

In running a brick and mortar store at the corner of Elm and Broadway, at the end of the day you would normally lock the doors, secure the safe, turn off the lights and call it a day. On the Internet the same basic security applies, only the terms are different.

- Locking the door =
Never give out your main web site's password to employees or web designers.

- Securing the safe =
Use secure FTP and secure email so your passwords cannot be easily stolen.

- Turning off the lights =
Monitor your computer for malware and viruses 24/7.

- Call it a day and get some sleep =
Possibly the most complicated part of managing an online business is keeping your online software updated. An outdated web site is akin to sleeping on a worn mattress. If you don't turn the mattress over once in a while you'll end up with a stiff neck or worse...



So lets' discuss how to keep your online store as safe as the store on Elm and Broadway.

- Locking the door.
Let's lock the door against easy entry into your store. Your web site includes an option to add additional FTP accounts (or, "keys").
Because you can't control how employees or web designers may use the keys to your office, it's best to give them access to the areas within your web site they have permission to enter. Likewise, creating additional "keys" or FTP username/passwords makes the tracking of who's accessing your web site via FTP much easier (since all separate FTP logins are logged).
Learn more at:
http://help.tvcnet.net/helpdesk/kb/article/000051

- Securing the safe.
You've locked the door, but break-ins are still possible. The online world requires an Internet connection to enter combinations (like FTP information or email passwords). Secure FTP and checking email securely is how we keep prying eyes from watching our turning of the proverbial dial on the safe.
Learn more at:
http://help.tvcnet.net/helpdesk/kb/article/000073
http://help.tvcnet.net/helpdesk/kb/article/000074

- Turning off the lights.
Who's watching the store when you turn out the lights? Without anti-virus and malware checking your computer you may be giving away the keys to the store without even knowing it.
Learn more at:
See #2 on the page link below.
http://help.tvcnet.net/helpdesk/kb/article/000077

- Call it a day and get some sleep.
Software like Wordpress, Zencart and most non-proprietary software applications are prone to hacker abuse. If you have software installed on your web site make sure to subscribe to the developers' mailing list. Most developers will email alerts when newer versions become available.

As a general rule, a web site with software which has not been updated or reviewed within the past twelve months "is hackable or will be hacked" eventually.

Software is not the only "mattress that needs to be periodically turned." Managing web site file and directory permissions is just as serious.
Learn more at:
See #6 on the page link below.
http://help.tvcnet.net/helpdesk/kb/article/000077


Hopefully my analogies weren't too painful to follow. Following even some of the recommendations above will significantly reduce the likelihood of you having to live through the pain and discomfort of rebuilding a hacked web site and online reputation.


Properties ID: 000136   Views: 3614   Updated: 14 years ago