Would you be surprised if we told you that the internet was potentially a dangerous place, of course not – we all receive the warnings right? Unfortunately though your online business is right at the top of a hit-list by hackers, fraudsters and unscrupulous criminals (not to mention disgruntled employees and a number of other groups) – all wanting to infiltrate, spy on or gain access to your website administration area. Website security is a big issue and should not be taken likely. As an owner you have serious responsibilities and if you neglect them … well, it could be the end of your business and even land you in jail – do we have your attention?
Without doubt, there are some very clever guys out there in cyber-space. Some of these will attempt to hack into your website simply to prove that they can whilst others will attempt to infiltrate your site in order to steal money or information. The level of your website security needs to be high and you will only achieve this by purchasing your website from a professional website design company – home made websites or off-the-shelf templates generally will not afford you the protection you need as a business owner. Saxon Websites™ uses state of the art and up to date technology to protect your interests online, we understand the need for implementing and maintaining good website security, we also understand the pitfalls and consequences of bad or insufficient website security.
Website Security - Admin Area
If your website becomes compromised and bank accounts and customer details fall into the wrong hands, you could very quickly find yourself in hot water. When you are considering purchasing a website for your company, ensure it is built for business … with a high degree of website security. There are numerous methods of infiltration and numerous physical areas for concern in regard to website security. Your website design team should have the experience to make sure that you are not vulnerable to the methods of attack and that the physical website areas have adequate protection to prevent incursion. Saxon Websites™ has years of experience and provides excellent website security features built-in to every one of its designs. In addition to this, as part of the website hand-over process – we will sit down with our client and explain what to look out for and advise on appropriate actions to take in the event of an attack being identified. We take website security very seriously, so should you. There are many security steps that we take and we will only mention a few of them here – it might be wise to check that your website has these basics covered as a bare minimum.
The first thing to check for in regard to your website security is that your administration area has not been left at its default location. Many professional websites are built with a CMS at its core and every CMS will have a default location and name for its admin area – basic website security principles dictate that the location should be changed and the folder renamed to something not obvious – after all, if you can’t find the administration area … how can you hack into it? Another vital website security area to address once you have masked the location and identity of your website admin area, would be administration access itself. Ensure that your administration team have individual passwords and that those passwords are regularly changed and strong enough to withstand a ‘brute force’ attack. The inclusion of a ‘captcha’ is prudent to ensure the person requesting access is actually a person and not a computer programme. The admin area ideally should also have a ‘lock-out’ facility in the event of failure to supply the correct access details.
Having moved and renamed your admin area and ensured that a strong access procedure is in place, you need to make sure that everything is recorded so that you can diagnose in the event of a website security breach. This is done by keeping an administration log which should be stored in a secure location and access restricted to the Web Master only. The above website security measures really are basic and do need to be in place. If your website design does not have these issues covered, then you could be vulnerable – feel free to call us if this is the case.
Website Security - Main Website
It is more than likely that your website designer has incorporated a ‘slideshow’ or other feature into your website that he hasn’t designed himself – this is normal. From the point of website security, these third party web elements need to be kept up to date – hackers regularly find vulnerabilities in them, using them as a back door entrance to your files. You want to be informed straight away when a new ‘bug-fix’ or ‘security update’ is available – good website security means that this update process should be automatic. Security risks - be alerted and fix them immediately!
People use website forms to send messages, to upload images, spread sheets and in some cases – active scripts. This presents potential website security issues. Good website security goes far beyond installing an anti-virus program to scan incoming messages. Ensure that both upload and download areas are buffered from your core file system and that they can be easily isolated in the event of a problem. Your website design should allow you to restrict the type of files being uploaded. Good website security also entails masking your out-going email address to prevent cloning and your correspondence being treated as junk.
Saxon Websites™ protects its websites in a number of ways and from a number of sources, would-be hackers aren’t the only threat to website security. Search Engine 'bots' for example constantly scan your site in order to evaluate it. We ensure that your file structure is safe by denying or permitting access to key folders, it wouldn’t be the first time that we have come across a businesses client list accidently being indexed. Some developers allow files to be imported from an external source, we don’t. We like all your files in-house where we can keep an eye on them – it’s an unnecessary website security threat in our opinion.