Website security isn’t the most exciting topic, we get it! But not thinking about it could put your business at serious risk.
Your website is a valuable business asset, and if compromised, it puts your business reputation on the line, plus potentially your customer privacy. With GDPR rapidly approaching, securing your website is now more important than ever.
If your site is targeted, you could lose revenue for every day that it’s down. What’s more, sites that are compromised are penalised in Google afterwards (and marked with “This site may be hacked“) meaning you’ll continue to have your traffic and reputation affected even after your site is recovered.
Who is at risk?
Recent security breaches have demonstrated that no business is safe from hackers, malware and ransomware, with giants like Equifax and the NHS being affected.
The National Cyber Security Centre (NCSC) has revealed that at least half of all small businesses had a website security breach last year, with many not even realising what had happened.
The reasons for the security issues are wide ranging, but many of which can be easily fixed. For example, according to Sucuri 56% of WordPress websites that got hacked were using an out of date version of WordPress. Many others that were affected were hit through plugins with vulnerabilities. Plugins can come automatically installed with off-the-shelf themes, and businesses often don’t realise the risk associated with having these plugins on their website.
What can you do about it?
The NCSC recommends all businesses back up data and prevent against malware attacks at a minimum.
At Cognique, we make this effortless for our website clients, by offering daily backups and monitoring as an add on service.
As part of our Security and Maintenance Service we:
- Create daily backups at a specified time, so you’ll always have a current backup.
- Install any required updates to WordPress or plugins as soon as possible.
- Install and configure the WordPress Sucuri plugin to add that extra layer of security to your website.
- Monitor and action any suspicious activity.
- Configure an SSL certificate, encrypting data transferred on your website.
- In the unlikely event of a hack, we’ll perform a security cleanup to remove any damaging files and reset all your passwords.
It also goes without saying that we would never use plugins known to have a vulnerability on our client sites, we stick to reputable plugins and always keep them updated with patches as required.