Reading Time: 2 minutes

Web security these days is so much more complex than it has ever been. No one is safe from attacks, hacks etc. Just recently Easy Jet suffered a major breach where millions of customers details were accessed. If you look at your website/application and pick it apart, backups aside, how easy would it be to get up and running again? If your website is a standard brochure sort of site then this perhaps isn’t a massive issue, but if you’re trading online with an e-commerce website, all of your customers data is stored in a database, which, if someone gained access to is available to the hacker.

Breaches come in multiple forms. Brute Force Attacks are amongst one of the most common, where a script will keep trying to log in using different password combinations. Obviously if your data has been stolen before and you use the same passwords for everything, this could be a lot easier than a script trying every single alpha numerical password combination.

Malware attacks are also very common. They can be done with things like keyloggers, logging all keys typed on your machine, spyware, viruses and ransomware. One method that has been on the rise over the years is “phishing”. Where someone creates an application that looks identical to the one you’re trying to use, facebook for example, but on a different url. Once you try to login, the application then submits that info off to the real application so you login as normal, but then they also store your login details for their own use. This is very worrying for things like online banking.

There are many ways to protect yourself and your web presence from attacks. Below we have outlined a few things you should do both locally on your machine and for your website. We don’t guarantee that issues like what we’ve mentioned here won’t ever happen by following these steps, but it will definitely help!

Your Machine

Make sure your machine has all the latest software updates. This applies to software installed on your machine as well as operating system.

Make sure you have up to date virus protection.

When using websites that take your personal information, make sure you are on a secure connection to that site. You can tell this by ensuring you have a padlock showing on the address bar.

Do not use the same passwords for everything!

Where available, always set 2 factor authentication. This will require you to grab a code from an app on your phone when you login to things, so even if someone manages to get your passwords, they won’t be able to access things!

Your Website

Ensure your server is up to date with all software and operating system updates.

Ensure your cms / plugins etc are all up to date. These will include security patches and keep your site secure.

Make sure you use a secure connection for your visitors. SSL certificates don’t cost hundreds of pounds like they used to, and if your server supports it you can even setup free SSL certificates!

Do not use the same passwords for everything!

Keep FTP locked down where possible.

Sticking to this short list of suggestions will drastically help with keeping your data secure but also, and more importantly, your customers data!

If you’re concerned about the security of your website or application, please get in touch with us today. We can do a free website health check for you which will include some security checks.