It's the weekend. You have worked hard all week. It's time to take a break and head to the beach. The car’s packed. You bolt out of your front door, but in all the excitement, you completely forget to lock your front door. Or, maybe you just went to your favorite smoothie shop. In all the excitement of getting your spinach mango protein smoothie, you parked your car and left your back windows down with the keys in the ignition, and your wallet laying in your seat for everyone to see when they walked by your car. You’re thinking to yourself, “I would NEVER be that absent minded…”
Truth be told, most of us would never forget or overlook such obvious blunders to our welfare, safety, and security. The precautions that we would take are obvious everyday security measures – lock our doors as we leave, close and lock our windows, and certainly not leave our windows down in our car with the keys in the ignition!
OK, so meanwhile, back to your Website. You have a Website; it’s your home on the Internet. It is where everyone that is anyone who wants to compete in the 21st century will be in the near future – online, with their own domain name and their own personally hosted website. So, think of your Website as your physical house. If your Website is your house, then a search engine is the city, and all of the people who are using the search engine are people out in the community walking or driving around the streets of the city.
Unfortunately, just as in the real world, there are those that are looking for houses with windows open or a door that is not fully closed – prowlers, who if given the chance, will break in and steal whatever they can find while you are not home. An Internet prowler is no different. They are looking for ‘loot’, and do not care about your well-being, and they will not stop until they rob you if they can.
Of course, everyone that has any sense and uses the Internet knows that cyber-crime is the fastest growing crime in the world. It’s not hard to become a cyber-criminal since most crimes are committed against websites (Internet homes) that have not been adequately protected. And let’s face it. If two middle school boys who were bored one day after school could hack into top secret computers of the military, then chances are someone equally as bored could happen across yours or mine, and do or take whet they wanted to.
It’s not rare, but rather frequent nowadays to hear about someone’s website having been hacked into, someone having their passwords stolen, some worm or Trojan virus that steals all of someone’s personal and banking information. It’s life in the 21st century. It’s craziness to think that 30,000,000+ people a year have their identity stolen worldwide. It is huge business! And eventually, even you will have to deal with something like this happening IF you do not take the necessary precautions to prevent it. If you are an individual that runs an eCommerce business, you have even more to lose, in that if your Website gets hacked, you could end up exposing your users and customers to identity theft and your Website’s reputation will be completely ruined.
In most cases, you are required by law to have a minimum level of security in place to protect consumers who use your Website. Hint: This is what SSL certificates are for. Ok, so, now that we know that it’s just a matter of time before we ALL get hacked (half way serious here), what’s the good news? The good news is that if you are willing to apply some basic precautions in managing your website, you can prolong, if not completely avoid becoming a part of the statistics associated with identity theft.
Here are the immediate must do things to put in place once you start to self-host your own website. Don’t get too overwhelmed in looking at this list. Some of them are handled by you hosting company, BUT, it is important that you ask your hosting company to be sure. Otherwise, defend yourself.
1) Get Virus Protection and keep it! The first line of defense is a good virus protection software program. I recommend that you find someone that subscribes to Consumer Reports and see what the best software is that they are recommending. The top four Security Suites that I recommend are AVG, Norton, McAfee, and Avira AntiVir. I presently use Avira. I can tell you that even if you have a great anti-virus software package you can still get infected since virus attacks can be by newly released viruses. One of my sons was victim to just such a thing on his laptop after visiting a gaming site that ultimately infected his computer without his knowledge (and HE is an amazingly conscientious Internet user). I think he is still working on fixing his laptop.
2) When you start to self-host your personal Website, change your FTP Passwords often. FTP (file transfer protocol) passwords are what you use to access the Internet from your computer to upload website files to your website. I recommend that you change them every few weeks, depending on how often you are accessing your website’s administrative control panel (the place where you maintain your website). Because viruses are all the time being written to steal passwords, then sell them off to the highest bidder on the black market, with you changing your passwords regularly, by the time they get sold or the perpetrator has the time to use it (them), they will have already been antiquated (out of date). Yes, I agree, it’s a pain, but it is one of the first and best line of defenses against hackers. I personally use a series of random alpha-numeric passwords that are 16 characters long and they are rotated weekly between the Websites that I personally own, but then I tend to be a bit over-protective since I own a company that provides Web development and hosting services.
3) Keep your security patches updated! If you are a Windows Operating System computer user (a PC user, not a Mac), you are familiar with the term security patches. Updating them seems to be an ongoing process, but these security patches are mandatory if you want to successful in protecting your computer from MAJOR security risks! Most Trojan exploitation comes through computers that are older, and/or for one reason or another are unpatched with the latest security patches from Microsoft. I suggest that if you are a Windows operating system user, you set your updates to automatic AND still visit the Windows update website regularly to do a manual update. This is in the event your system has a Trojan that slipped by your software and turned off your Windows updates. I personally check for updates every three or four days myself on my own computer, even with my automatic updates turned on.
4) Update your software patches often. We all have personal computers and enjoy the benefits of all the software that make our computers do the things we want them to do to make our lives easier for us. I personally have close to 50 unique programs that I have purchased or had given to me as a reseller of the software that software vendors wanted me to market for them. One of the biggest mistakes of busy people, or better put, impatient Internet users is that of not updating their software when they receive notice that there is an update for it. THIS IS HUGE! I am not sure why, but it just seems to be some sort of mental block in the mind of many people I know that says ‘if it’s not broken, don’t fix it,’ mentality.
Software, in order NOT to be broke, must be updated IF it is at all accessible via the Internet (which by the way, 100% of it is unless you disconnect your Internet connection). I remember hearing of one client who was his own Webmaster had an old version of Adobe Reader that got infected through a PDF virus that made its way to his Website. Some very bad security problems occurred as a result. He seemed clueless how it could have happened, not thinking that hacker created viruses could find their way on to his Website via a software program. To him, having a program that was two years out of date with security updates was a less than wise decision on his part to allow that to happen. Turns out that he would get these ‘important update notice’ messages from Adobe that he continually refused since he was too busy each time to deal with it, and finally turned off his notifications for the updates so he would not be interrupted.
Bad mistake! Bad. Bad. Never NOT let your software updates have their way with your computer. Lot’s of the latest viruses on the market are targeting software as a way to access your computer and/or Website. How are you doing so far? Have you taken these precautions yet? If you have an hour or so, and you have not gotten these fundamental tools in place for your protection, I want to encourage you to address them as soon as possible. If you do not know how to do these things, be willing to pay someone to help you get them done for your. You will never regret the time investment in protecting your Website and your future success as a result of protecting your personal information and the information of those who visit or use your Website.
In Part 2 of this series on Securing Your Computer and Website, I will talk about some additional precautions that someone who wants to have a secure and trusted Website must consider and implement. It will deal more so on the web hosting company’s responsibility side, and what you can to do to be proactive in protecting your investment of time and money and livelihood in doing business online. If you don’t take anything away from this blog post but one nugget of truth, it would be “Update always, and often.”