Identity theft is the number one crime in America, a crime that claims an average of more than a million new victims every 30 days. And many of those victims are as a result of businesses that leak their customer information, usually by accident, and often through their website.
Category: Small Business Page 6 of 8
Confused about how to protect your website? It’s actually not that hard (hint: there are great companies that will do it all for you for less than a buck a day). But perhaps the easiest way to get your head around website security is to think of it like a PC. Except this is the most important PC you could ever have, because much if not most of your business probably relies on it.
Think about all the things you need to do to protect your PC, and how easy it is. For example:
- You protect it from malware by making sure you have good quality antivirus software. You constantly update that software so it can detect the latest threats, and you regularly scan your computer in case anything slipped past.
- You use a firewall, so that you can deny access to hackers and malware that constantly stalk the internet looking for vulnerable computers like yours.
- You practice computer hygiene. You’re careful about what websites you visit and what you download, so that you don’t inadvertently infect your computer.
- You make sure your PC is constantly patched. Most malware infections result from unpatched vulnerabilities, from Windows to Flash, so you want to patch those vulnerabilities before a hacker can exploit them.
- If other people have access to your PC, you let them know what the rules are, so that they don’t do something that breaches your good security habits.
- If there’s sensitive information on your PC, you take a variety of precautions to protect it. You use strong passwords that are hard to guess, you change those passwords frequently, and you guard them well. And you encrypt any sensitive information on that PC so that if hackers make it past your first lines of defense, your crown jewels are still safe.
- And you take a bunch of precautions, from backing up your data to regular maintenance, to make sure that your PC is always available to you.
The principles of protecting your website are not much different. Granted, putting them into practice can be a little more challenging, which is why you have companies like SiteLock to do it automatically and comprehensively.
But back to those principles. If you’re serious about protecting your website, think about it like you would any PC or laptop:
- Protect it from malware that can infect your website, steal data, and spread to your customers.
- Protect sensitive data, especially customer and credit card data, with layers of security that should include encryption.
- Use strong passwords, especially for web access and FTP, that are changed often and protected well.
- Teach all employees about your website security rules so that whenever they have access to your site, they use it responsibly.
- And regularly review and update your security so that it can match the latest threats, meets any regulatory requirements (like PCI), and does not end up being blacklisted by search engines.
Protecting your website can be challenging, but we can make it easy. Call SiteLock at 855.378.6200 to learn how to automate website security.
Well, I’m not really sure where to begin. Not only was it the first time I’ve received a letter asking me for website security for Christmas, but also the very first letter I’ve ever received from a website. And trust me, I’ve been doing this for quite a while, long before that internet thingy I started for Al Gore.
I am very sorry to hear how worried you are about security, and especially hackers and malware. Not really for yourself, but for your owner. I know that most business owners are so busy building their dream, they sometimes forget that there are some very bad people out there who can too easily steal it all.
I have to admit, I wasn’t really sure where to start. If you’d asked me for a Kindle or an “i” something-or- other, or even just a toy or a scarf, that would be easy. But I feel a little like most business owners do, not really knowing how to protect you and even where to start.
But when I had some downtime on my sleigh (don’t worry – it has cruise control, so it was perfectly safe), I did some research and I hope you’ll be happy with what I came up with.
So here it goes:
You said you wanted someone to watch over you. Well, while I’d love to be able to do that, you understand I have my own full-time job, even in the off-season. So I sent your owner a very nice letter advising her that the best thing she could do for herself (and for you) was to sign up for SiteLock so that you aren’t so vulnerable to all those hackers and malware removal is automatic.
I love giving gifts like that. They’re not extravagant so there’s no need to feel guilty. They’re very simple to use, so your owner doesn’t have to spend her holidays pouring over an instruction manual or looking for batteries. And once you switch it on, SiteLock will guard you and your business around the clock, from the most advanced threats and determined hackers.
So what was next? Oh yes, better passwords. I hear that. It’s a nightmare for my toy business. Who knew so many employees, elves especially, are so careless with important passwords? Like FTP. I mean, why have a lock on the front door of your business if you insist on leaving the keys in it?
But I’ve got you covered. I sent every employee a password manager (don’t worry, some of the best are free). Now they can create and protect the most complex of passwords, and store them all in one safe place. So not being able to remember all those big and clumsy passwords is no excuse. And some of these programs will even remind you when it’s time to update your passwords, so forgetting is not an issue either.
Let me see, what else did you ask for? Sorry, my memory isn’t what it used to be. Oh yes, you wanted to get rid of all that outdated content and code on your website because you think it’s slowing you down. Tell me about. Every year about this time, when the rush dies down, we promise to tidy up the place so that we can run more efficiently as we prepare for next year.
And every year that resolution goes out the door as quick as Christmas itself. Not to worry. I created a special note just for your webmaster. In exchange for his list, I gave him a list, too. It’s pretty simple. I told him to go through every page of the site and remove any outdated content and images, and clean up or remove outdated code — we all know how dangerous that can be.
I also told him to get a patching and updating regimen in place so that all critical patches are installed as soon as they’re available, and outdated software and plugins don’t leave you vulnerable.
I think that’s it. Hope I’m not missing anything. When I think about it, I wish every website would send me a letter like this. I can easily find their owners and lean on them a little.
I mean, if this is the season of goodwill and joy, why shouldn’t it start with your website, the face of your business? For more information, just ask the experts at SiteLock. Give them a call at 855-378-6200. They’re available 24/7 to help.
No one likes talking or even thinking about bad things around the holiday season. It goes against the holiday spirit! But you may not have any choice. Bad things can happen to your business at any moment, and may even be happening as you’re reading this. Every day, millions of small business websites are being prodded and probed by automated hacker tools looking for unsecured websites they can hijack. It’s almost like a thief walking along a row of cars and nearly invisibly checking each door handle to see which ones are unlocked. Except hackers have an additional layer of secrecy. They don’t have to leave their homes to check websites, and they can see many of them – all at once.
Happy Cyber Monday! If your website has survived the Thanksgiving rush, let’s hope it doesn’t suffer from a post-Thanksgiving malware hangover. Because in the usual run up to Christmas, the only people busier than elves are hackers. And their favorite tool this year appears to be malware. What’s a website to do without trusted malware removal?
We took a look at many of the top security stories to hit the headlines in just the last couple of weeks, and it’s not surprising that most of them were about malware.
Security firm Symantec says that hackers have recently been very successful in delivering a nasty gift of malware to unsuspecting users by blasting out emails pretending to be antivirus software updates. What makes the emails so convincing, according to Symantec, is that they look very authentic and incorporate logos from most of the popular antivirus products – probably even those that you use. Because most users are likely to be familiar with the brands and use at least one of them, it makes the email appear more personal and genuine. And therefore more likely to be opened. And clicked – which is what causes the most damage.
Security firm Trusteer also announced that it discovered some of the most advanced financial malware yet, malware that not only has more features than any previous malware, but also creates a private and secure communications channel back to the hackers behind it. According to Trusteer, the malware can steal information entered into web forms as well as steal log-in credentials from dozens of the most popular FTP clients.
And this is especially dangerous to small businesses in the U.S. If this malware is able to steal the login and password for your business bank account, it will very quickly empty that account. And small business accounts are not protected by zero liability. So if the thieves steal every last dime you have in the bank account, you’re out of luck. And maybe even out of business.
To add to the misery, Trend Micro also reported that it discovered more than 200,000 different types of malware targeted at online banking in just the third quarter of this year, with at least 25% of them targeted at U.S. banks.
One of the most dangerous pieces of malware in circulation right now is Cryptolocker. This is ransomware. Once it infects your computer, it will encrypt or lock your files and then demand a ransom to unlock them so you can use them again. The ransom can vary, from $300 to more than $3,000. And even if you pay the ransom, chances are you still won’t get your data back. And thousands of users have fallen victim. Even one police department admitted that Cryptolocker had managed to kidnap their data.
And not to be left out, researchers have discovered that even the NSA has turned to malware to do their job, infecting at least 50,000 with a botnet that will allow them to spy on those computers.
To add website malware scanning and defense to your holiday to-do list call SiteLock at 855.378.6200.
This is my first ever Christmas letter to you. I don’t like to ask for much, but I’m desperate. I’ve been a website for, gosh, going on three years now. Don’t get me wrong, I love my job. My owner’s great, new people visit me every day from all around the world, and my graphics are to die for. There’s never a dull moment, even when my owner is sleeping. Which of course, I never do.
But there’s a problem. My owner is so busy building the business, managing cash flow, and getting orders out the door, that she has little time for things like website security. Besides, she says she doesn’t have a technical background and know much about cybersecurity.
And that has left me feeling, well, vulnerable. Which is not a good thing on the Internet when I’m completely exposed to so many strangers. But my owner really needs the website to showcase her work and generate online orders. And being blacklisted by the search engines would make her very upset. But I worry about what might happen if she doesn’t put everything else aside, just for a moment, and think about website security.
With that in mind, here are just a few things that I would absolutely love this year. Not really for me, but for my owner. I’m doing all this for her, which I think is a very unselfish act. So I hope you’ll do your best to get me as many things on my list as you can.
- First, I’d love someone to watch over me. I know where my weaknesses are, but my owner doesn’t, and she doesn’t have the time to guard me every second of the day. So a website security or monitoring service would be just great. Everyone can sleep easier and I’ll feel much less naked and vulnerable.
- A new password would be great. Would it be asking too much to ask for a new website password say, every three months? Maybe one with a number or two, or heaven forbid a special character!? That could significantly reduce the chances that hackers will guess or crack my password and have access to who knows what. And a strong, random, and well-protected password would be ideal. I mean, what good is a password if it doesn’t do its job very well. Not complaining or criticizing, just saying.
- This might be asking too much, but any chance you could help me get rid of this stuff I’m not using anymore. I feel so bogged down lately with all this old, outdated code and images that no one even uses. It takes every bit of my energy to just load a simple page. I know I could be so much faster and lighter with just a bit of a clean-up – I’ll be a whole new website, you’ll see!
- I don’t want to sound selfish, but could I ask for a little something else for myself? Nothing fancy, but I’ve worked so hard all year I think it would help my spirits and confidence as we get ready for yet another year. Patches. I’d like some patches, or updates. I am up to my gills in all kinds of third-party programs that the web designer thought would be so very cool to burden me with. But he’s easily distracted and he’s forgotten about most of them. Now at least half of them have serious and known vulnerabilities that have never been patched or updated.
Anyway, I hope I didn’t take up too much of your valuable time. And I hope you’ll see that what I’m asking for is not for me. I even know of a company that can help you with this. To make things easy, I’ll provide you with the number to SiteLock website security. It’s 855-378-6200. They’re available 24/7/365 to help!
As Thanksgiving weekend approaches, your customers may be gearing up to make some big purchases. And how safe and secure they feel about your website could determine how much of their hard-earned cash will end up in your pocket.
Website security is one of those things that needs to be addressed (the horror stories of hacked websites are everywhere), but it tends to get put off for many reasons. Some of us underestimate the importance of securing our website, some are afraid it will be expensive, and some think it will be too hard to manage without an IT person on staff. The truth is, website security is critical to your business, but also very easy to implement.
We’ve listed three easy ways to improve your website security:
1. Ensure safe online shopping for your eCommerce customers
As an eCommerce website, you can maximize your sales opportunity by displaying a trust seal. Most website scanning services provide a trust seal to publish on the website’s homepage to show visitors that the website has been scanned and is free of malware and viruses. Trust seals are also used to boost customer confidence.
2. Update your plugins
This is one of the easiest things you can do to protect your website, and also one of the most important. Using outdated versions is the single most common way for a hacker to gain entry to your website, and all your information, and often that of your customers. So make a list of all the plugins and third-party software on your site, peruse it, and purge (uninstall) anything you no longer use. For the ones you do use and want to keep, make sure you have the latest versions and updates installed.
3. Educate your employees about phishing emails
If you are someone who is extremely cautious about opening emails from unknown or large company senders, it may be hard to believe anyone still opens phishing emails or (gasp!) downloads the enclosed attachments. But the reality is that not everyone is aware. And even those who are careful are often so busy and inundated with emails that a few might slip through the cracks. Plus, hackers are getting scary good at impersonating legitimate business emails – PayPal, FedEx, Apple, to name just a few – and luring victims to click on links in order to update account information, track a package, download an important update, etc. All you need is one employee to click on one of these fraudulent download links, and you could be handing over your entire business to a criminal. Financial data for you and your customers – stolen, and your reputation – ruined, in a matter of seconds.
Follow these three easy ways to improve your website security. If you need help with any of the items listed above, give the SiteLock experts a call 855.378.6200. We are available 24/7/365 to help.
Data has always been a currency for crooks but, now more than ever, personal data has become a hot commodity for everyone from petty identity thieves to major organized crime. And one of the easiest ways to get this kind of information is from websites just like yours.
A watering hole, or water hole, is a website with vulnerabilities that hackers take advantage of to plant malware. The idea is that the malware simply lies in wait until someone visits your website, and if that someone is not using protection, he or she will find their computer or smartphone infected with that malware.