You probably heard about the recent global cyber-attack, which reached 200,000 computers across 150 different countries and affected countless businesses including hospitals, Nissan and FedEx.
While these attacks left the world asking ‘how did this happen?’ , the team at Qbit have been thinking ‘how can we ensure our business and our clients’ businesses are protected from cyber-attacks on this scale?’ So, consider this article your doomsday preparation 101.
What can you do to protect your business from being hacked, hijacked or compromised? We’ve got our top 10 tips below:
1. Only create your website using a proprietary-based content management system (CMS) rather than Open Source. Open Source CMS, such as WordPress and Joomla have their CMS code available for hackers to gain access through, rendering them much more vulnerable.
In addition, you need to continually upgrade your CMS version to ensure the latest security patches are applied. Our good friends at Alyka, the digital marketing agency, don’t recommend WordPress, as it is arguably one of the least secure CMS systems.
2. Ensure your site employs SSL certificates (min 128 bit encryption) which protects any data being entered into the website (https://). This applies to any extranet logins, online purchases through e-commerce and any basic data entries.
3. Don’t use FTP or other file transfer programs, particularly if your computer could already be infected by a virus or malware. If your computer is corrupted and you use an FTP, you are passing the infection directly to your website.
4. Tighten your network security by ensuring logins expire after a short period of inactivity. Also, ensure that the devices which are plugged into the network are scanned for malware each time they are attached.
5. Protect your information by updating passwords every three months for CMS access. Passwords should include alphanumeric and special characters. Naturally, saving passwords on your computer is a big no no. The best way to store passwords is through secure applications. We recommend PassPack.com.
6. Make sure you have double firewall protection that is software and hardware driven.
7. Host your server across multiple physical locations, as storing everything in one location poses a major security risk. Hosting your server across different locations not only protects your data, but also reduces the risk of downtime in the event of a server being compromised.
8. Hide your admin pages so they aren’t indexed by search engines. We recommend using the robots_txt file to discourage search engines from listing them.
9. Remove form auto-fill fields on your website. Auto-fill fields make your computer vulnerable to attack. If your computer or phone is stolen, the hacker doesn’t have to look very far for information and passwords.
10. Prepare for the worst and back-up frequently. Every hard drive will fail eventually so be sure to keep everything backed up onsite and offsite.
Implementing these simple tips will ensure your business is protected in the event of a cyber-attack. We recommend Alkya for website creation as they have the safety tools to protect your online home, and obviously Qbit can make sure those safety tools are properly installed, monitored and updated.
For more information visit the Alyka website on: www.alyka.com.au or the Qbit website on: www.qbit.com.au.