In recent articles posted by the BBC and the Guardian they highlight the ongoing plight that small businesses face to maintain the security on their websites. The Guardian cites that hacks cost the American economy $100 Bn each year, highlighting that it’s not just the Corporates of the world who are being targeted, its small businesses too. Yes, that’s you and me! These hackers don’t differentiate.
Cybercrime is on the increase and whilst we only hear about the high profile sites that have been affected, be aware that the hackers have no care what your business is or who you are – if they see an opportunity they’ll take it.
So I can hear you asking – “Why would they want to hack my little (farming) website?”
Well the answer is simple… if they can get into your website, they can also get onto the Server (and infect the other sites your website shares), and they can also infect users who visit your website! So the destruction they cause can be huge.
It’s probably not something that is either a high priority or even on the radar of a small business owner – and yet the minute your website falls over, who do you contact? And whose responsibility is it? Well unless any prior agreement is in place then its no-ones, but inevitably it will be down to the webmaster to down tools and fix the problem immediately. If your website is not monitored on regular basis this could then become quite costly, not just for the period of time your website is down (loss of revenue) but if there’s no backup then restoring it can be quite a challenge.
There are however, steps that can be taken to minimise the risk (although if the hackers are particularly good and consistent then very little will stop them. Much like if a burglar plans to break into your house they won’t stop at anything to get in). If you use a CMS system such as WordPress then most importantly it’s vital that the software is kept up to date.
I’ve detailed below some steps you can take to minimise your risk.
Don’t use the default Username of: “admin”
When WordPress is installed it will always default the username for logging in to “admin”. Oftentimes (and this is particularly in the case of newbies to web design and WordPress) the developer will keep the username as admin and then create a fairly easy password. This means that the hacker only has to decipher the “easy password” – which trust me won’t take them long. Make sure you change it to a Username that – to state the obvious – is not obvious.
Choose a Strong Password
Some passwords normally consist of names of pets and a few numbers. Again this isn’t a strong password at all. To make it difficult we recommend your password be at least 12 characters, using a mix of numbers, letters and other characters. The downside to this is that it makes it difficult to remember. The upside is there’s FREE software available that will remember all your passwords in one secure place, so all you have to remember is just 1 password. Check out LastPass for details.
Keep WordPress updated.
WordPress doesn’t update the core very often, but when it does you should update your software too. The downside to doing this is when updates are done – depending on the theme – the update can break the website. Highly recommend you get your webmaster to do this, unless you feel confident knowing what your doing.
Keep all your Plugins updated.
Plugins are one of the most vulnerable parts of WordPress, not only to external hackers, but to malicious or greedy programmers. While we only use reputable plugins, it’s important to make sure these plugins are kept updated, just in case a vulnerability is being addressed in the update.
Remember don’t take your website for granted, you’ve invested a lot in it. If your website is your major lead generation tool then it can cost you much more than just a new website! We’ve set up specific packages to take care of all of this for you, so that you don’t have to. Get in touch if you’d like to know more.