Keep Your Online Brand Safe - Part 1

Just as you might protect your home and vehicle with an alarm system or other security measures, protect against identity theft by not revealing personal information, and require passwords or other security questions for access to computers or other mobile devices, so too must you take steps to make sure your online brand is secure.

In this two-part series of articles, I am going to share with you a few ways in which you can keep your online brand safe: protect your website and claim your organization’s online directory listings. Today we’ll be looking at website security measures.

Website Security

A website is your organization’s digital “home." As such, you need to secure your digital home against potential invaders who want nothing more than to make a mess of your online livelihood. You may have heard the phrase “The best offense is a good defense.” That’s exactly the approach I’m encouraging you to take with protecting your website. If you have defensive measures in place, you can mitigate or eliminate any damage or infiltration that might occur on your website. Please realize that these suggestions are not fool-proof, just as you cannot 100% guarantee that someone won’t successfully break into your home or car. However, by having parameters in place for such a situation as this, you can lessen the extent of the damage you might incur and minimize the downtime you might experience in the event of a successful security breach.

Nine Website Security Measures You (or Your Webmaster) Should Have In Place

1. Don’t use easy or generic login credentials for your website. If your password (for any website) still contains some variation of “abc,” “123," or “qwerty," do yourself a HUGE favor and change it. Right now. While you might think you’re just making the password easy for yourself to remember, you’re also making it easy for a hacker to guess your password. Because guess what? You’re not the only person in the world with that idea! On this note, did you know that some of the most common usernames for a website are “administrator” or “admin”? Or, sometimes usernames are the same as the domain name (i.e., for “abcwebsite.com,” you might have a username of “abcwebsite”). Again, those usernames make it so easy for hackers to get into your website, you might as well just throw the door of your “digital home” wide open and invite them to come in!

2. Change your passwords frequently. At a minimum, change your account passwords every 60-90 days. Yes, this means you have to remember more passwords, but if it also means you’re staying one step ahead of potential hackers and damage to your digital home, isn’t the effort worthwhile? YES, it is worthwhile.

3. Delete any unused or old user accounts on your website. Don’t give your hackers more information to work with. Simply put, if you’re not using those usernames, get rid of them. Also, if you provide employees with access to your website and you part ways with them, get rid of their account, or at least change their password, as soon as the door closes behind them when the leave. Don’t open yourself up to potential damage. While you may not think a former employee would do something like that, you never know, and it’s better to be safe than sorry, especially if you did not part on the best of terms.

4. Restrict employee access to the website. Only provide access to those whom you trust, and even then, make sure you have security measures in place to monitor their activity. Consider assigning differing levels of access based on what activities your employees will be doing on your website. For example, if you have an employee in charge of creating and scheduling blog posts, then give them authority to do those activities. They don’t need to have full administrative privileges in order to write a blog post. By limiting access for your website’s user accounts, you are limiting access points for potential hackers.

5. Have a backup copy of the website files in an off-site location. If your server crashes or if your site is hacked, having a copy of the website in a separate, secure location will allow you to quickly recover.

6. Schedule regular, automatic website backups. Sure, having a copy of the original website files somewhere is a good plan; however, if those files are not updated files, then you’ve got a lot of work to do in order to bring your website back up to speed. By maintaining regular backups, you should have a recent copy of your website that reflects any updates or other changes that might have been made to it.

7. Pay for security scanning/protection. You might have paid for a membership or license for a computer malware software program to periodically scan your computer and identify (and remove!) any viruses or malware that might be affecting performance and/or security. Similar services exist for website management. There are services that will scan your website looking for malicious content or “back doors” through which hackers might be able to access your website. Additional services include notifications of log-in attempts for users attempting to access your website. This will allow you (or your webmaster) to monitor activity on your website and give you the ability to respond quickly to unauthorized activity.

8. Run regular website and plugin updates. If you are using a free or purchased website theme, be sure to install any updates to the theme as they become available. Many times these updates contain changes that will keep your website secure. If you don’t do the updates, then you are leaving your website vulnerable to attack via those unclosed loopholes that may have been in older versions of your website theme. Additionally, if you are utilizing any plugins on your website, be sure to monitor the plugins for any available updates. Those updates are crucial to maintaining plugin integrity as well as closing any potential security gaps that may have existed in previous versions of the plugin.

9. Don’t be afraid to reach out for professional assistance. Honestly, the small amount that you might have to pay to have a professional webmaster or web developer to maintain your website will FAR outweigh the cost of repairs to a damaged website and reputation. As website managers, it’s our job to keep your website(s) safe so you can focus on doing business.

If you have any questions or concerns about your website’s security, Embellish Marketing can help you! We offer annual website management packages that include regular backups, security checks, activity monitoring, technical support, and more. Contact us today to learn more about how we can help you keep your website and digital brand safe!

Continue learning about how to keep your digital brand safe by reading the second post in this series: Keep Your Online Brand Safe - Part 2 

Was this article informative? Please share it with others who would enjoy it too!