5 Ways to Improve Your Website Security
posted Apr 29, 2019 by Daniel M. Andrea, CPA, CITP, CISA in the Business Blog
In today’s world, every website is a target for hackers. To prevent losing sensitive data, there are at least five key actions you should be taking to keep your website secure.
1. Establish strong device security protocols-
Who has access to the back end of your website? Are their devices secure? If any of the devices employees use to make edits to your website are lost, stolen or compromised, you could be giving a hacker access to your online accounts!
Follow these protocols:
a. Create strong passwords (at least six characters, combination of letters, numbers, symbols, upper and lower case) and change them on a regular basis.
b. Consider implementing a session timeout (user gets signed out after periods of inactivity).
c. Utilize multi-factor authentication (MFA)
d. Scan all devices for malware on a regular basis
2. Use Web Application Firewalls (WAF)- A WAF helps protect web applications by filtering and monitoring HTTP traffic between a web application and the internet. Deploying a WAF in front of a web application essentially places a “shield” between the web application and the Internet.
3. Get a Secure Sockets Layer (SSL) Certificate- Ever wondered what the extra “s” is for in a web address after the “http”? SSL is the standard technology for keeping an internet connection secure and safeguarding any sensitive data that is sent between two systems. SSL prevents criminals from reading and modifying any information transferred, including potential personal details.
If your site is equipped with an SSL, your data will be much harder to intercept with this extra layer of security.
4. Install Security Applications
· Vulnerability scanners- These help detect and classify system weaknesses in computers, networks and communications equipment.
· Web security audits- These audits pinpoint your website security risks by scanning for weaknesses in your web site code, and errors in your web server settings.
· SSL server tests- These help indicate the approval of an SSL certificate, or whether an SSL is set up correctly.
5. Update your software regularly- Software vulnerabilities are much more prevalent than physical vulnerabilities, so make sure you’re regularly updating your operating system, web browser, and computer software. Be especially mindful of necessary updates to the content management system (CMS) your website is built upon.
Cyber criminals will go after any vulnerable website, big or small. Make sure you have implemented all the necessary precautions to prevent loss of sensitive data! Need help getting started? Contact us.