Website Security: Practices and Tips

Kevin Posted on Updated on

Your website is an asset of your business that has just as much, if not more, value as your company computers, cars, and other resources.  It can be a 24 hour source of information or income with a global reach.  Assets with that much potential worth should definitely be protected, so we’ve put together a list of tips to help you protect your business’ investment.

Strong Passwords!

Setting strong passwords is the backbone of web security.  There is no firewall, certificate or code that will stop someone from getting into your site if your password is password or 123456.

  • Use a service, like howsecureismypassword.net, to check if your password is strong.
  • Use long passwords, at least 8 characters long.  The longer the better!
  • Use numbers and symbols.
  • Don’t use your name, domain name, children’s names, or other easy-to-guess nouns or dates.
  • If possible, don’t use real words.
  • Reset your passwords often.
  • Don’t use the same password over and over for different services.  Once someone has it for one thing, they have it for them all.
  • Use a password manager, such as Dashlane, to manage and secure your passwords.

SSL Certificates

SSL certificates encrypt information sent to and from the website.  This helps to prevent someone from intercepting passwords, usernames, email addresses, etc., as they are sent to the website.  Make sure your website has an SSL certificate issued by a respectable source installed.  You can read more about SSL certificates here.

Firewall Services

Use firewall services, like CloudFlare, to manage who can access your site.  CloudFlare uses JavaScript challenges and pattern recognition to control who can see your website, which helps to limit the number of automated break-ins since bots can’t read or respond to JavaScript.  You can also use CloudFlare to challenge or even block entire countries from being able to access your website. You can read more about firewalls here.

Communicate

Talk to your host or developer about the security measures in place on your site.  Ask about current trends and safety practices, not only on the developer side, but also on the user side to make sure that you are doing everything you can to help keep your site secure.

Share on