Pages Navigation Menu

Your Best Opportunity for Success Online

Securing Your Computer and Website (Pt1)

Posted by on in Your Computer | 0 comments

It’s time to take that week off and head to the beach. The car’s packed, you are on the way. You bolt out of your front door and completely forget to lock it. Or maybe you just went to your favorite coffee shop (smoothie shop for you health nuts like me). In all the excitement of getting your spinach mango protein smoothie, you parked your car and left your back windows down with the keys in the ignition, and your wallet laying in your seat for everyone to see when they walked by your car. You’re thinking to yourself, “I would neverrrr be that absent minded…”

Truth be told, most of us would never forget or overlook such obvious blunders to our welfare, safety, and security. The precautions that we would take are obvious everyday security measures – lock our doors as we leave, close and lock our windows, and certainly not leave our windows down in our car with the keys in the ignition! Ok, so meanwhile, back to your Website. You have a Website; it’s your home on the Internet. It is where everyone that is anyone who wants to compete in the 21st century will be in the near future – online, with their own domain name and their own personally hosted website.

So, think of your Website as your physical house. If your Website is your house, then a search engine is the city, and all of the people who are using the search engine are people out in the community walking or driving around the streets of the city. Unfortunately, just as in the real world, there are those that are looking for houses with windows open or a door that is not fully closed – prowlers, who if given the chance, will break in and steal whatever they can find while you are not home. An Internet prowler is no different. They are looking for ‘loot’, and do not care about your wellbeing, and they will not stop until they rob you if they can.

Of course, everyone that has any sense and uses the Internet knows that cyber-crime is the fastest growing crime in the world. It’s not hard to become a cyber-criminal since most crimes are committed against websites (Internet homes) that have not been adequately protected. And let’s face it. If two middle school boys who were bored one day after school could hack into top secret computers of the military, then chances are someone equally as bored could happen across yours or mine, and do or take whet they wanted to. It’s not rare, but rather frequent nowadays to hear about someone’s website having been hacked into, someone having their passwords stolen, some worm or trojan virus that steals all of someone’s personal and banking information.

It’s life in the 21st century. It’s craziness to think that 30,000,000+ people a year have their identity stolen worldwide. It is huge business! And eventually, even you will have to deal with something like this happening IF you do not take the necessary precautions to prevent it. If you are an individual that runs an eCommerce business, you have even more to lose, in that if your Website gets hacked, you could end up exposing your users and customers to identity theft and your Website’s reputation will be completely ruined. In many cases, you are required by law to have a minimum level of security in place to protect consumers who use your Website. Hint: This is what SSL certificates are for.

Ok, so, now that we know that it’s just a matter of time before we ALL get hacked (half way serious here), what’s the good news? The good news is that if you are willing to apply some basic precautions in managing your website, you can prolong, if not completely avoid becoming a part of the statistics associated with identity theft. Here are the immediate must do things to put in place once you start to self-host your own website. Don’t get too overwhelmed in looking at this list. Some of them are handled by you hosting company, BUT, it is important that you ask your hosting company to be sure. Otherwise, defend yourself.

1) Get Virus Protection and keep it! The first line of defense is a good virus protection software program. I recommend that you find someone that subscribes to Consumer Reports and see what the best software is that they are recommending. The top four Security Suites that I recommend are AVG, Norton, McAfee, and Avira AntiVir. I presently use Avira. I can tell you that even if you have a great anti-virus software package you can still get infected since virus attacks can be by newly released viruses. One of my sons was victim to just such a thing on his laptop after visiting a gaming site that ultimately infected his computer without his knowledge (and HE is an amazingly conscientious Internet user). I think he is still working on fixing his laptop.

2) When you start to self-host your personal Website, change your FTP Passwords often. FTP (file transfer protocol) passwords are what you use to access the Internet from your computer to upload website files to your website. I recommend that you change them every few weeks, depending on how often you are accessing your website’s administrative control panel (the place where you maintain your website). Because viruses are all the time being written to steal passwords, then sell them off to the highest bidder on the black market, with you changing your passwords regularly, by the time they get sold or the perpetrator has the time to use it (them), they will have already been antiquated (out of date). Yes, I agree, it’s a pain, but it is one of the first and best line of defenses against hackers. I personally use a series of random alpha-numeric passwords that are 16 characters long and they are rotated weekly between the Websites that I personally own, but then I tend to be a bit over-protective since I own a company that provides Web development and hosting services.

3) Keep your security patches updated! If you are a Windows Operating System computer user (a PC user, not a Mac), you are familiar with the term security patches. Updating them seems to be an ongoing process, but these security patches are mandatory if you want to successful in protecting your computer from MAJOR security risks! Most Trojan exploitations come through computers that are older, and/or for one reason or another are un-patched with the latest security patches from Microsoft. I suggest that if you are a Windows operating system user, you set your updates to automatic AND still visit the Windows update website regularly to do a manual update. This is in the event your system has a Trojan that slipped by your software and turned off your Windows updates. I personally check for updates every three or four days myself on my own computer, even with my automatic updates turned on.

4) Update your software patches often. We all have personal computers and enjoy the benefits of all the software that make our computers do the things we want them to do to make our lives easier for us. I personally have close to 50 unique programs that I have purchased or had given to me as a reseller of the software that software vendors wanted me to market for them. One of the biggest mistakes of busy people, or better put, impatient Internet users is that of not updating their software when they receive notice that there is an update for it. THIS IS HUGE! I am not sure why, but it just seems to be some sort of mental block in the mind of many people I know that says ‘if it’s not broken, don’t fix it,’ mentality. Software, in order NOT to be broke, must be updated IF it is at all accessible via the Internet (which by the way, 100% of it is unless you disconnect your Internet connection).

I remember hearing of one client who was his own Webmaster had an old version of Adobe Reader that got infected through a PDF virus that made its way to his Website. Some very bad security problems occurred as a result. He seemed clueless how it could have happened, not thinking that viruses (hacker created) could find their way on to his Website via a software program. To him, having a program that was two years out of date with security updates was a less than wise decision on his part to allow that to happen. Turns out that he would get these ‘important update notice’ messages from Adobe that he continually refused since he was too busy each time to deal with it, and finally turned off his notifications for the updates so he would not be interrupted. Bad mistake! Bad. Bad. Never Not let your software updates have their way with your computer.

Lot’s of the latest viruses on the market are targeting software as a way to access your computer and/or Website. How are you doing so far? Have you taken these precautions yet? If you have an hour or so, and you have not gotten these fundamental tools in place for your protection, I want to encourage you to address them as soon as possible. If you do not know how to do these things, be willing to pay someone to help you get them done for your.

You will never regret the time investment in protecting your Website and your future success as a result of protecting your personal information and the information of those who visit or use your Website. In Part 2 of this series on Securing Your Computer and Website, I will talk about some additional precautions that someone who wants to have a secure and trusted Website must consider and implement. It will deal more so on the web hosting company’s responsibility side, and what you can to do to be proactive in protecting your investment of time and money and livelihood in doing business online. If you don’t take anything away from this blog post but one nugget of truth, it would be “Update always, and often.”

Read More

Securing Your Computer and Website (Pt2)

Posted by on in Your Computer | 0 comments

We have probably all heard the old adage, that ‘a chain is only as strong as its weakest link.’ The very same can be said about computers and Websites. You can have 99% of your computer and your Website secured, but it’s going to be that 1% that ultimately brings ruin to your overall security strategy. In my first installment on computer and Website security, i.e. Securing Your Computer and Website (Pt1) I shared about the importance of anti-virus software, FTP passwords, operating system security patches, and software security patches.

I hope that if you have had the opportunity to read it, that you have begun, if not completed putting these security measures in place. If you have not had the opportunity to read it, and are unsure about how to starting being proactive as an Internet user and/or Website owner, please take the time to do so. In this installment of Securing Your Computer and Website, I want to focus primarily on the Website hosting service or server side of the security equation.

When I got started in computers and the Internet (seriously involved) in the middle 1990’s, when I was asked by a ‘newbie’ to computers and the Internet how to avoid viruses, being the conservative guy that I was (or rather, am), I simply said, ‘don’t look at porn online or visit porn websites.” It was really pretty straight forward and wise advice on multiple levels. At the time, 95% of all viruses were associated with seedy rogue Websites that offered pornography to their visitors (and viruses that were downloaded when they tried to save the pictures to their computers). Almost equally as bad as porn Websites were the file sharing websites that allowed users to trade files between themselves, like music and copyrighted materials (that incase you have not figured it out yet, is illegal).

If you avoided these types of Websites you were almost guaranteed that you would be mostly safe and secure from all the troubles associated with those who were foolish enough to use such Websites. Now days, any ‘Website, anywhere that is focused on a particular niche market is vulnerable. That is why it is important to actively protect your Website on the Web hosting server you use, whether it is your own dedicated Web server or you are hosted on a virtual dedicated Web server (a server where several Websites are hosted).

The following are precautions that you can take if you want to be proactive in protecting your Website from the possibility of security breaches:

1)  Continually update your Website software to be sure you have the latest security patches.  Most Websites are not custom built, but rather templates and fairly basic platforms that most Internet users, if they want tot take the time to learn, can personally set up their own Website. Some Websites are more complex and much more customized, and are way beyond the average Internet user’s capability to build or maintain. In both instances, there is a continual need to be sure that your Website is secure and that the platform or Website development tools you are using to build and maintain your Website are continually upgraded with security patches.

Blogs are becoming a huge part of the Internet Website business and the WordPress blogging platform is by far one of the fastest growing platforms in popularity. It is the blogging platform we recommend to all of our clients. This blog is built on the WordPress blogging platform. Whatever you decide to use for your Website’s platform to build your Website, be sure that you are always running the latest version of the main software that powers your Website, and if they provide plug-ins like that of WordPress, be sure to upgrade your plug-ins whenever you are told to do so. The cool thing about WordPress is that it updates itself whenever there is a new patch or security or stability issue that needs to be addressed.

Unfortunately, because of the WordPress popularity, many of the latest hackers are targeting WordPress. Whatever you are using in the way of a Website platform, you can help to avoid security issues by always seeing that you are running the latest version and that if you use plug-ins for that platform, that you keep them up to date.

2)  Get help from Google Webmaster to monitor your Website. Google has some pretty cool tools to help people use the Internet more effectively and securely. One of those tools is a Google Webmaster account, and it is FREE (I love that word… FREE). If you get your Google Webmaster account linked to your Website, should you be hacked by some cyber-dog, Google will send you an email to tell, and even what pages have been hit by the hacker. And, while your Google Webmaster account is not a prevention tool, it is a valuable free tool that is the cure to helping you solve your security problems. Google updates the pages they monitor every hour of every day, so for most Website owners who have and use the Google Webmaster account, Google is most often the first to notice your site has a problem, and lets you know.  

3)  Confirm with your Web hosting provider that they keep their server patches updated. Most of us use third party web hosting (meaning you don’t have your Website hosted on your own computer). As a general rule, most people assume that their Web hosting company is proactive with their hosting servers. Unfortunately, they are not. But you can still make sure that your host is doing everything they can by asking. Send an email to their support department and ask them directly how often they implement server updates and security patches, and what their security methods are. When they respond, print out and keep a copy of the response in your Personal Identity Security folder for future reference (you attorneys know what I am talking about). It is sometimes worth paying a bit more to make sure your host is doing as much as you are to protect your site, your business, and you.

4) Check your server file permissions and see that they are secure.  Imagine having a really nice garden that you have spent months cultivating and it is just beautiful and something you are really proud of, and to get into the garden, there are 4 different gates that allow access to it. Three of those gates are securely locked, but you have not taken the time to lock the fourth. If a gate is left open, as gardening goes, something or someone come through it and there is no telling the damage that will be done to your garden (thinking of a particular neighborhood dog right now that really likes to dig under tomato plants). Server file permissions are sort of little like these gates to your garden. If you leave access to your server files (files that make your Website work and collect information from visitors or users) unlocked, the dog(s) will get in via these unsecured permissions that have been set incorrectly. Although they can be quite hard to understand, if you speak with your hosting company, they can make sure that your permissions are correct and secure.

I said earlier that no computer or Website is 100% secure or safe from hacker or virus attack. Truth be told, if someone really wants to get to you, they will. It’s just a matter of time. However, for most of the vast majority of computer users and Internet users, Website owners or Web hosting companies, the majority of computer and website attacks by viruses and hackers are not personally motivated at a particular user or company, and are not overly sophisticated. These are the attacks that you can be proactive in preventing if you are willing to take the steps I have outlined here in this two part blog post on securing your computer and Website.

My advice: “Update always and often.” Please feel at liberty to pass this information along to your connections on your favorite social media network by clicking on the share button below or tweet it to your friends and followers. It might save their computers or Website’s life one day, and maybe even more, like for instance your reputation and financial well-being.

Read More
Copy Protected by Chetan's WP-Copyprotect.