5 Ways to Keep your Online Business Secure

5 Ways to Keep your Online Business Secure

I was recently inspired by a talk I listened to by Aaron Campbell, lead for the Core Security Team at WordPress. He inspired me to share some of the ways small businesses can protect their online business.

First off, let me be abundantly clear: Many companies are unaware of how much their business could be impacted by their lack of attention to security concerns. According to the United States Computer Emergency Readiness Team, a successful network intrusion can have severe impacts, particularly if the compromise becomes public and sensitive information is exposed. Possible impacts include:

  • Temporary or permanent loss of sensitive or proprietary information,
  • Disruption to regular operations,
  • Financial losses relating to restoring systems and files, and
  • Potential harm to an organization’s reputation.”

Security in the digital world is an ever changing landscape and if you are a business owner, you probably can’t afford to handle all of your security on your own. That being said, it’s okay to delegate some of these concerns to people and companies you can trust. If any of these tips are a little too advanced for you, then consider hiring someone (like us!) who can help you in this task.

In the meantime, here are five ways you can protect your online business from security vulnerabilities:


1. Choose a quality web host

One of the best ways to protect your online business is to choose a good web host. A reputable web hosting company will provide you with frequent backups of your data so you can restore it in case of an attack. They will also assist you with technical support, maintenance and security issues 24 hours a day. If you chose a backwoods hosting platform in order to save money, I recommend you think twice about the situation and pay the extra money. Most hosting companies are very affordable anyways so you won’t have to make a major investment.


2. Keep your website up-to-date

When was the last time your website was updated? Even if it still looks decent on a screen, you may need to update the software, frameworks, extensions, etc. that are driving your site. If you’re in a content management system like WordPress, you should update the WordPress core, plugins, and themes, on a regular basis. A website with plugins that are several years outdated can introduce all sorts of PHP vulnerabilities that you could easily avoid just by updating to the latest version in your WordPress dashboard. Internet technologies advance quickly, and when your site is running PHP, Javascript, CSS, HTML, and code from several third party sources (most wordpress installations have all of these), there are several technologies that may be advancing and your site could be getting left behind with outdated software that is prone to being hacked.


3. Be mindful of who has access to your workstation(s)

Does your office environment maintain good safety standards? Unattended devices, inactive user accounts, passwords that include the name of your child or favorite pet… these are all vulnerabilities that hackers can take advantage of in quick order. Maintaining a security conscientious mindset at the workplace will mean avoiding these common mistakes. Another common mistake is providing login information across unsecured networks (i.e. At your favorite coffee shop or hotel). Be sure to investigate to make sure these places have secure WI-FI routers because not everyone values your security like you do!

4. Take good care of information entrusted to you.

Are you an ecommerce business? Your customers entrust you with their information, and if you handle any kind of financial information at checkout, you should use encryption software to protect customers’ financial information. Additionally, you should employ a hosting provider who is PCI compliantThe Payment Card Industry Data Security Standard (PCI DSS) applies to companies of any size that accept credit card payments. If your company intends to accept card payment, and store, process and transmit cardholder data, you need to host your data securely with a PCI compliant hosting provider.

My hosting provider of choice is very good at security best practices and does this very well for my domains, and this is something I watch out for when I design websites with any kind of eCommerce functionality.


5. Get an SSL Certificate for your site

SSL Certificates provide secure, encrypted communications between a website and an internet browser. SSL stands for Secure Sockets Layer, the protocol which provides the encryption. SSL Certificates are typically installed on pages that require end-users to submit sensitive information over the internet like credit card details or passwords. Example pages include payment pages, online forms and login pages. My site has an SSL certificate, and I recommend it to my clients as well. There are different kinds of certificates, but you can get started for as low as a few dollars for a basic certificate.

Bonus tip: Play the long game

Ultimately, keeping your online business secure is playing the long game. The best practices of today may not work tomorrow. There is no way to be 100% secure in the digital world, and if you are not keeping up with best practices like the ones mentioned above, it will eventually catch up to you. That being said, if you keep your software updated and simply pay attention to potential security threats like poor passwords or a bad hosting environment, that will go a long way.

If you are looking for someone to handle your security concerns for you, or simply give you more advice on where to start, my company can perform this service for you at an affordable rate. Additionally, our monthly hosting plan comes with monthly backups and security checkups, as well as an initial audit for security best practices.

Ready to take action?


Calvin Lyman

Lyman Web Design LLC


Office: (405)-696-7824




About the author

Calvin Lyman administrator

Leave a Reply