Blog

We previously debated the pros and cons of storing your customers’ credit card information on your website, with the debate essentially boiling down to a question of convenience vs. risk. Regardless of whether or not you opted to save credit card data, it’s very likely that your website is in possession of some of your customers’ personal information – things like email addresses, cell phone numbers, mailing addresses, etc.

Hackers looking to steal identities and commit fraud frequently target this private information, so even if you don’t save your customers’ credit card information, you still need to take steps to guarantee that your site remains secure. Check out these five safeguards you can easily implement to greatly reduce the risk of your website (and all the information stored on it) being exploited by malicious third parties.

1.  Create Strong Passwords and Update Them Regularly

This is the most basic of all web security strategies, but it can’t be overstated: you (and anyone else who is an admin on your website) need to create a complex, long password and you need to change it often. Password crackers are becoming more and more complex, so a “strong” password is no longer defined by having a couple words separated by a random exclamation point. You need something truly “random” – any complex combination of numbers, letters, and punctuation – to thwart these hacking tools. You can create this password on your own, or use a tool like LastPass to create and save it for you. Update this password each month at least, and encourage all of your employees to do the same.

2.  Utilize Two-Factor Identification

This goes hand-in-hand with creating a strong password, and should be utilized by both administrators and customers alike. Two-factor identification is another safeguard you can implement to prevent accounts from being compromised by hackers. The first “factor” is the email address and password needed to log in to the account, and the second is a unique, one-time-use code that is sent to a mobile device via text message or phone call. You can only access the account after entering both pieces of information, which effectively safeguards it against would-be hackers. Even if they crack the original password, they’ll be unable to login successfully without the cell phone the code is being sent to.

3.  Update Your Site

There is absolutely no excuse for running an outdated website. Any time an extension or plugin update becomes available, it is your duty as the website owner to ensure that that update is installed. Out of date plugins and WordPress installs are incredibly easy for hackers to identify and target, and once they’ve identified your site as an easy target, all of you and your customers’ information can be compromised in an instant.

4.  Invest in a GOOD Firewall

Another fairly obvious point that is frequently overlooked by owners looking to save money, getting a strong firewall can make all the difference in maintaining your website’s security. If you’re just getting started, don’t go bargain shopping for a firewall – you can’t afford to cut corners when it comes to protecting your customers’ data. If you already have a firewall, take some time to research how it currently stacks up against competing services, and consider making a change if it isn’t consistently well-reviewed.

5.  Audit, Audit, Audit

There are tons of services and programs that will audit your website to determine how secure it is, and where potential vulnerabilities exist. This is another worthwhile investment, as these tools will identify any and all chinks in your website’s armor, allowing you to fix them before a hacker has the chance to exploit them for personal gain.

If you’re serious about your business, you need to make a commitment to maintaining a secure website. Any time you store personal information, you’re making your website a target for hackers and identity thieves, and you need to be proactive in the fight against them to guarantee this data stays safe. Take the initiative to enhance your website security today, and if you have any questions, don’t hesitate to call us at 1-866-944-3244 to set up a consultation. Our team of experts can help create a comprehensive security plan that will keep your customers’ information safe and your mind at ease.