Tag: phishing

SiteLock Website Security

3 Ways to Improve Your Website Security

Website security is one of those things that needs to be addressed (the horror stories of hacked websites are everywhere), but it tends to get put off for many reasons. Some of us underestimate the importance of securing our website, some are afraid it will be expensive, and some think it will be too hard to manage without an IT person on staff. The truth is, website security is critical to your business, but also very easy to implement.

We’ve listed three easy ways to improve your website security:

1. Ensure safe online shopping for your eCommerce customers

As an eCommerce website, you can maximize your sales opportunity by displaying a trust seal. Most website scanning services provide a trust seal to publish on the website’s homepage to show visitors that the website has been scanned and is free of malware and viruses. Trust seals are also used to boost customer confidence.

2. Update your plugins

This is one of the easiest things you can do to protect your website, and also one of the most important. Using outdated versions is the single most common way for a hacker to gain entry to your website, and all your information, and often that of your customers. So make a list of all the plugins and third-party software on your site, peruse it, and purge (uninstall) anything you no longer use. For the ones you do use and want to keep, make sure you have the latest versions and updates installed.

3. Educate your employees about phishing emails

If you are someone who is extremely cautious about opening emails from unknown or large company senders, it may be hard to believe anyone still opens phishing emails or (gasp!) downloads the enclosed attachments. But the reality is that not everyone is aware. And even those who are careful are often so busy and inundated with emails that a few might slip through the cracks. Plus, hackers are getting scary good at impersonating legitimate business emails – PayPal, FedEx, Apple, to name just a few – and luring victims to click on links in order to update account information, track a package, download an important update, etc. All you need is one employee to click on one of these fraudulent download links, and you could be handing over your entire business to a criminal. Financial data for you and your customers – stolen, and your reputation – ruined, in a matter of seconds.

Follow these three easy ways to improve your website security. If you need help with any of the items listed above, give the SiteLock experts a call 855.378.6200. We are available 24/7/365 to help.

10 Ways Your Employees Can Make You Safer

employeesThere are plenty of things your employees can do to make your business and their workplace safer. Here’s just a sample of some of the more important ones.

  1. Follow your security rules and policies. Which means you have to have some in the first place, you have to share them, and your employees must know there will be consequences if they ignore them.
  2. Protect their passwords. Password safety is not just about creating strong passwords and changing them often. It’s also about employees protecting their passwords, not writing them down where they can be found or hacked (like on a computer) and not sharing them with other employees.
  3. Ignore phishy emails. Phishing emails are still very effective in spreading malware and other threats. And advanced phishing schemes, like spear phishing, can be so convincing they can easily fool employees. So it has to be guard up, all the time. Trust, but verify.
  4. Surf more selectively. Where an employee wanders on the internet, and what sites they linger at, can determine their vulnerability to a host of web threats. One of the biggest threats is a watering hole – an infected web site lying in wait for every visitor (including your employees) to visit the web site, catch the bug, and bring it home.
  5. Believe that if security is good for business, it’s also good for their job. Sad but true, fear is a great motivator. If fear of the impact of a security breach on your business is enough for you to make security changes, same rules apply to your employees. If they can be made to understand that a data or security breach could result in layoffs, maybe they’ll think twice about the next online pharmacy they were thinking about visiting.
  6. Protect their laptops and other devices. The two worst things that can be on an unprotected laptop or smartphone are sensitive customer information and access credentials like a password. It doesn’t help if the devices store company secrets either. But the best way to prevent a missing laptop or phone from turning into a major security incident is to make sure employees don’t use them to store anything sensitive.
  7. Be careful on the road or out of the office. Like the knights of old, it’s easy to feel safe, comfortable and complacent behind castle walls, but things change when you’re out in the wild. Employees need to understand that security rules and practices follow them everywhere because hackers are everywhere.
  8. Beware of free Wi-Fi networks, and especially at hotels, coffee shops, and airports. Setting up a fake network with the network name WelcomeToStarbucks is child’s play, even for an amateur hacker. And a very easy way to eavesdrop on an unsuspecting employee.
  9. Be vigilant, challenge, and report. Encourage all employees to be vigilant around the workplace, whether it’s a stranger wandering around the office or sensitive data left unattended. Make it easy for them to take action when they see something suspicious, and even allow them to report it anonymously if they prefer.
  10. Lead by example. The greatest feature of a great leader is the ability to make others want to follow. If you don’t live, breathe, and talk security, why should you expect your employees to? Talk about security, as often as you can. And talk about it positively, as a business enabler and opportunity, and not in the way you might scold belligerent children.

Google Author: Neal O’Farrell

Page 2 of 2

Powered by WordPress & Theme by Anders Norén