2014 Web Security Resolutions

With incidents of hacking on the rise, and over 27,000,000 new viruses being created every year* (that’s an average of 74,000 new threats every day!), ensuring the protection of your business on the web is an absolute must. Unfortunately, no system can be made completely watertight – even internet giants like Microsoft and Facebook aren't immune to the occasional hack attack. So, what’s a website owner to do? I suggest you make web security a priority in 2014, by following these simple yet highly effective resolutions.


1. I will use stronger passwords

As much as you might love your cat, ‘Fluffy2010’ just isn’t going to cut it as a password this year. 82% of internet users recycle passwords across multiple sites, and a whopping 40% write them down!* To ensure yours is as secure as possible, use a minimum of 8 characters (length trumps complexity!), including letters, numbers and symbols. And never, ever jot it down on a post-it note.

2. I will protect my site from all forms of malware

Malware is increasing at an alarming rate, and it’s no longer enough to make sure you’re protected from standard malware – you need to safeguard your site against advanced forms, too. HackAvert®, our state-of-the-art anti-malware solution, uses Artificial Intelligence to constantly monitor and detect new strains of malware. Why not try it out for yourself? We’re currently offering a FREE vulnerability scan to detect exploitable cracks in your website! Simply click below and type in the URL of the site you want to scan:


3. I will back-up my website regularly

Many businesses have gaps in their data back-up plans* – putting them at risk of losing valuable information in the event of a cyber-attack. If your site gets hacked, without a back-up you could lose everything. Imagine the stress, time and cost involved in rebuilding your site from scratch?! And don’t make the mistake of thinking that your webhost will back-up everything for you – that's YOUR responsibility. Many open source content management systems offer plugins that will automatically send a full back-up of your site to your email account.

4. I will frequently update my website software

It doesn’t take hackers long to uncover vulnerabilities and malfunctions, so it’s really important to keep your software up to date with the latest plugins and themes. Your content management system will usually let you know about upgrades via email or on your dashboard - make sure you keep track of these changes. Always delete plugins and themes you’re not using – hackers can use idle applications to gain back-door entry to your site. Our anti-malware solution, HackAvert®, scans your website for vulnerabilities bots and hackers can use to attack you. Click here to access a FREE Vulnerability Assessment for your site.

5. I will not create unnecessary user accounts.

Reducing the number of entry points to your site makes it more difficult for hackers to sneak in. Not everyone in your company needs access to your website – so allocate user accounts sparingly.

6. I will only use Linux 777 permissions as a last resort

This resolution only applies to people running websites on a Linux server. Web files with permissions set to 777 are readable, writeable, and executable by everyone – including hackers. Don’t use this set of permissions on your web server unless absolutely necessary. Doing so can result in stolen passwords, exposed databases and deleted content.


7. I will never run unsigned applications

Code signing is a mechanism whereby software publishers use a certificate-based digital signature to verify their identity. It's a major security feature, and checking the origin of an application before running it prevents you from potentially opening files altered by hackers. This year, make it a rule of thumb to never open downloads from unknown publishers - unless you don't mind maliciously added advertising, spyware or viruses. Click here to find out more about code-signing certificates.


SSL247® - Your Web Security Consultants

Remember, here at SSL247® we’re fully accredited web security experts, dedicated to keeping businesses safe and secure on the web. Contact us today to find out how we can help you in the coming year.


Sources:

Carbonite Small Business Data Backup Usage Study, July 2011.

http://www.scmagazine.com/the-state-of-malware-2013/slideshow/1255/#1 http://uk.norton.com/password-pain/article

http://www.av-test.org/en/statistics/malware/

http://press.pandasecurity.com/wp-content/uploads/2013/02/PandaLabs-Annual-Report-2012.pdf

Share this:

Posted on Monday 13 January 2014 by Michelle Browne

Return to blog

Send us your comments


Your comment will not be published. If you have a question, do not forget to write your email address so that we can get back to you!