How would you react if you visit a website, and your browser tells you, "Not secure" or "Insecure connection?"
Would you continue using the site?
You might if you're there to read an article or obtain information.
But you definitely won't if you're there to buy a product or hire a service. This is because everybody knows "Not Secure" means you should never enter sensitive information into that tab (credit card or financial information, personally-identifying details, passwords, etc.).
Website security is of huge concern for internet users today, as almost everyone is now aware of the existence of cyber threats and attacks.
As a business owner, the least you can do is provide your site visitors with the assurance that your site is a "safe place" for them to be.
To do that, below are a few steps to take.
- Ensure your site is on an SSL connection
- Hire a web hosting service that is known to protect client's data no matter what
- Use anti-malware software
- Use uncrackable passwords
- Always hash passwords
- Update your site from time to time
Ensure your site is on an SSL connection
When it comes to transacting with businesses on the internet, the first thing consumers look out for is that green lock image and "https" in the browser bar.
No matter what you say about your site's privacy and security policies, if consumers don't see these signs on your site, they won't trust you with their info.
So, in order to back up your claims about your site being a "safe place" for financial transactions, you have to ensure your site is on an SSL (Secure Sockets Layer) connection.
If you're running an eCommerce business, you'll need to install a far more advanced version of SSL, as your business is one of the biggest targets for hackers and scammers.
Hire a web hosting service that is known to protect client's data no matter what
Take it or leave it; not every web hosting company is capable of maintaining a 100% protection of clients' data. And this is sometimes because of the existing anti-privacy laws and policies in the country where they operate.
The US is a good example of this!
As a business owner who's interested in protecting business data, such as applications, databases, and internal operation protocols, as well as private customer data and information, choosing a web hosting company that operates in the US might not be a great option.
So what do you do?
Find a web hosting company in countries with more lenient regulation - Switzerland.
Switzerland is well-known for its Federal Act on Data Protection, hence making it difficult for authorities or third-parties to snoop on hosting data and activity. As a result of this, many of the companies that sell web hosting in Switzerland, like Swissmade.host, are able to provide privacy-focused dedicated and virtual server hosting with relative ease.
Use anti-malware software
Just the way you protect your PC and mobile phones with anti-virus and anti-malware programs, you can also protect your business website with similar programs.
There are plenty of different anti-malware options out there. Some have free plans - like Bitdefender Antivirus Free - while others you have to pay for, such as SiteLock.
Whether free or premium plans, some of the benefits you'll enjoy from installing a website anti-malware program include:
- Web scanning
- Malware detection and removal
- Web application firewall
- Vulnerability patching
- DDoS protection
- PCI compliance
Use uncrackable passwords
As the site owner, the onus is on you to ensure your admin-level passwords are as complicated, random, and uncrackable as possible.
Simply setting your site's admin-level passwords as 123456789 won't cut it. You've got to go create something that is not easily replicated anywhere else.
As a general rule, you can use a combination of random, alphanumeric characters comprising digits, letters, and symbols.
Always hash passwords
If your business website has reasons to collect and store client's passwords, then you need to ensure those passwords are stored in hash format.
A terrible mistake most newbie business website owners make is that they would store client's passwords in plain text formats, leaving the passwords vulnerable to theft if a hacker ever finds the file.
Update your site from time to time
Once a site is up and running, it can be easy for the site owner to forget all about site maintenance. In fact, most owners don't even bother checking the status of their website until something comes up, and the site stops functioning well.
As a general rule of thumb, you should constantly check the status of your website to know when an update is required or available.
This is even more important if you're using a website builder platform like WordPress, because most of the time, many of the site's plugins and software might become outdated and vulnerable to bugs, glitches, and - worst of all - hackers wielding malicious code.