In the digital space, like the physical, it’s important to protect your assets.
Spammers, scammers, hackers, viruses and even contractors are all very real threats.
If you’re hit, it can have serious consequences for your business.
Imagine for a second that one morning you wake up, and your entire website has been deleted.
A website you’ve had for years. A representation of a huge investment in time and money, not to mention a large driver of sales and conversions. Your online home, gone.
I’m part of an online business forum where recently, and unfortunately, this happened to a number of business owners. They’d hired a developer to make site updates, and this developer had outsourced the work to a third party. This third party had not been paid, and in response had simply deleted their sites.
Devastating, to say the least.
Although this is an extreme case, I’ve also seen other equally terrible situations:
– an instagram account hacked, with hundreds of thousands of followers lost; and
– a business owner who was conned by ‘her bank’ into installing Team Viewer onto her computer so they could ‘check her accounts as they’d noticed some suspicious activity’. In the process, they’d unknowingly given the real scammers access.
There are a number of precautions you can take to ensure that you’re not next in line for a security breech.
1. Store it in a safe place
Essentially your website is a collection of files and folders that tell the front end how to appear and behave. Like files and folders on your computer, your website can be duplicated in a safe place. Even better, this can be scheduled to run regularly and automatically.
For WordPress sites I recommend Updraft Plus. To restore a website from back up, it’s as easy as re-uploading the files to the right directory. Which you can do yourself with a smidge of tech knowledge, or hire someone like me to support!
For drag and drop builders like Squarespace, Shopify etc they should keep a back up for you, and this additional layer of security is included in your subscription price.
2. Factor in Two Factor
Two Factor authentication is an additional layer of security that helps ensure you are who you say you are. This second factor comes in the form of a code, delivered to your phone, to enter along with your password when logging in. This can be via text message or an app like Google Authenticator. I recommend turning on Two Factor for all digital accounts – bank, website, social media, email etc.
3. Password please
If you’re the kind of person who has the same password for every account – it’s time to consider a new method! With the multitude of online accounts these days, it’s understandable that we use the same password over and over, but it’s not smart. What is smart, is using a Password vault to generate and manage passwords. Once your account is created you only need to remember one login, and you can install the manager across all your devices. My top pick is LastPass, even better, they have a free plan available. Lastly, change your passwords regularly, at least every 6 months.
4. Providing access
There may come a time when you need to provide access to your website backend. In this case it’s paramount that you provide the correct level of access, in a secure way.
For example if you’ve hired a VA to upload blogs to your website, make sure you only give them access to the blog section and edit rights, rather than admin rights.
Where possible choose the option to send the login details directly from your website backend. If for some reason you need to share login details via other means, use a secure sharing service like Privnote. This allows you to send private details in a self destructing note that can only be shared once, via a unique link. Be sure to utilize the additional layer of security by encrypting the note with a password and send this through a text or a phone call.
Lastly, If you terminate contracts, be sure to make it part of your process to change passwords and rescind access ASAP.
5. Implement
Now’s where it gets serious. Most business owners will never implement these suggestions, and at some point they may find themselves wishing they had. But if you’ve made it this far, you’re not most business owners! Do me a favor and schedule in 30 minutes this week to make these changes. They’re all simple, they’re all free, and they’ll all give you peace of mind that you’re a step ahead in the security game.
Even better, drop me a line and let me know when you’ve completed your security upgrade.