Recently, one of our clients had their website hacked. They had been managing their own hosting through a third party; the host had failed to back up the site adequately and our client had not actioned the recommended security updates. Having designed, built and delivered the website in mid-2011, it was hard for us to see our client go through this ordeal.
We have now taken over the hosting of the site and are performing daily backups and regular security updates. This incident highlights the importance of an ongoing commitment to website security, as well as the need for transparency between the website owner and the host to ensure responsibilities (for making regular backups, for example) are known and performed.
For our clients and businesses around the world, the company website represents a vitally important tool (and, more often nowadays, the only tool) for being found, establishing marketplace presence, promoting products and services and engaging with current and prospective customers. A company’s website is an online shop window and is a major influencer in how the brand is perceived.
Business people today understand the importance of an online presence, but quite often regard this investment as a one-off cost in their planning, ticking ‘website’ off the list once live, unaware of (or seemingly nonchalant about) the commitments and vulnerabilities that come with it.
Increasingly cyber crime is damaging businesses across the globe; it is the fastest growing form of crime and has impacted some of the world’s largest organisations. For hackers, it’s a simple numbers game; try enough and, sooner or later, they will find a website to exploit. Website owners need to commit to taking steps to combat security risks on an ongoing basis.
Leaving your website vulnerable to cyber crime can be incredibly detrimental to your business, putting your reputation and the trust that you’ve worked hard to build, at risk. Hackers are able to use your website as a launch pad to hack your site’s visitors’ own computers and to steal sensitive information and customer data. They can destroy your SEO rankings and propagate illegal content to your users. If your site is hacked, and you don’t notice, Google can block your site to the point that it is no longer searchable online.
Malicious hacks are becoming smarter and more common and as websites become older, they end up being out-of-date and unable to keep hackers at bay. Hackers are constantly evolving their techniques, meaning that what was secure 6 months ago may now need updating. An ongoing commitment to website security should prevent your website from falling victim to digital crime. Why risk it when maintaining a secure website is actually quite simple and effective?
If the worst does happen, at least you can rely on your site backup. Or can you? Check that your host is backing up your website on a regular basis and, importantly, find out how quickly your host is able to restore the backup following an incident. These details could mean the difference between being back up and running in a matter of hours or being offline for days. It’s also worth knowing the level of detail your host is willing to provide concerning security breaches. The ability to restore you site is one thing but understanding how it was hacked is just as important. Without this information, you will not know how to prevent the same breach from happening again.