Think your small business website is not high profile enough to get hacked? You thought wrong. In fact, you don’t have to be Facebook, Microsoft, Sony or Apple to be the target of a hacker.
HostPapa’s partner SiteLock recently released a website risk report and the results revealed that the hacking of small business websites has reached nearly epidemic proportions. Contrary to what you may think, small and medium sized business websites actually appear to hackers as “low-hanging fruit”…in other words, easy pickings.
The report goes on to discuss the reasons for, and methods behind these website attacks and uncovers the primary vulnerabilities affecting small businesses today, which include:
- The use of popular (read: free) open-source applications;
- The lack of monitoring, security defenses, and warning systems;
- Untrained employees using unprotected computers, devices, and networks;
- Additional risk and exposure from social networking, cloud computing, and mobile computing;
- The lack of time, manpower, skills, resources and funds to focus on website security.
The SiteLock report also concluded that the top three security issues affecting small business websites are malware, cross-site scripting, and SQL injections.
Now, although this is alarming, there is actually a lot that you as a small businesses or website operator can do to protect yourself:
- Stay up to date. Scan tech news sites, and blogs regularly to learn about the most current hacks, scams, bugs and vulnerabilities.
- Password management. Regulate password creation, set minimum password strength requirements, and decide the frequency with which passwords must be changed. Don’t forget to include specific rules about storing or sharing passwords.
- Monitor and limit access. Keep close control of your website admin interface by setting tight access limits for employees, webmasters, and anyone else who needs access.
- Stay on top of updates. Be sure to update any third-party plug-ins, applications, and scripts used to help operate and manage your website. This includes WordPress, Joomla!, OpenCart, Drupal, and Magento, among others.
- Regularly scan your website for vulnerabilities. Be proactive by keeping one step ahead of hackers. The easiest way to do this is to use an automated scanning service to continuously check your website for a variety of security gaps and vulnerabilities.
At HostPapa, we have SiteLock security seals that run regular scans to check your site for vulnerabilities and offer protection against malware. If you haven’t already scanned and protected your domain, do so right now!