I was recently inspired by a talk I listened to by Aaron Campbell, lead for the Core Security Team at WordPress. He inspired me to share some of the ways small businesses can protect their online business.
First off, let me be abundantly clear: Many companies are unaware of how much their business could be impacted by their lack of attention to security concerns. According to the United States Computer Emergency Readiness Team, a successful network intrusion can have severe impacts, particularly if the compromise becomes public and sensitive information is exposed. Possible impacts include:
Security in the digital world is an ever changing landscape and if you are a business owner, you probably can’t afford to handle all of your security on your own. That being said, it’s okay to delegate some of these concerns to people and companies you can trust. If any of these tips are a little too advanced for you, then consider hiring someone (like us!) who can help you in this task.
In the meantime, here are five ways you can protect your online business from security vulnerabilities:
1. Choose a quality web host
One of the best ways to protect your online business is to choose a good web host. A reputable web hosting company will provide you with frequent backups of your data so you can restore it in case of an attack. They will also assist you with technical support, maintenance and security issues 24 hours a day. If you chose a backwoods hosting platform in order to save money, I recommend you think twice about the situation and pay the extra money. Most hosting companies are very affordable anyways so you won’t have to make a major investment.
2. Keep your website up-to-date
3. Be mindful of who has access to your workstation(s)
Does your office environment maintain good safety standards? Unattended devices, inactive user accounts, passwords that include the name of your child or favorite pet… these are all vulnerabilities that hackers can take advantage of in quick order. Maintaining a security conscientious mindset at the workplace will mean avoiding these common mistakes. Another common mistake is providing login information across unsecured networks (i.e. At your favorite coffee shop or hotel). Be sure to investigate to make sure these places have secure WI-FI routers because not everyone values your security like you do!
4. Take good care of information entrusted to you.
Are you an ecommerce business? Your customers entrust you with their information, and if you handle any kind of financial information at checkout, you should use encryption software to protect customers’ financial information. Additionally, you should employ a hosting provider who is PCI compliant. The Payment Card Industry Data Security Standard (PCI DSS) applies to companies of any size that accept credit card payments. If your company intends to accept card payment, and store, process and transmit cardholder data, you need to host your data securely with a PCI compliant hosting provider.
My hosting provider of choice is very good at security best practices and does this very well for my domains, and this is something I watch out for when I design websites with any kind of eCommerce functionality.
5. Get an SSL Certificate for your site
SSL Certificates provide secure, encrypted communications between a website and an internet browser. SSL stands for Secure Sockets Layer, the protocol which provides the encryption. SSL Certificates are typically installed on pages that require end-users to submit sensitive information over the internet like credit card details or passwords. Example pages include payment pages, online forms and login pages. My site has an SSL certificate, and I recommend it to my clients as well. There are different kinds of certificates, but you can get started for as low as a few dollars for a basic certificate.
Bonus tip: Play the long game
Ultimately, keeping your online business secure is playing the long game. The best practices of today may not work tomorrow. There is no way to be 100% secure in the digital world, and if you are not keeping up with best practices like the ones mentioned above, it will eventually catch up to you. That being said, if you keep your software updated and simply pay attention to potential security threats like poor passwords or a bad hosting environment, that will go a long way.
If you are looking for someone to handle your security concerns for you, or simply give you more advice on where to start, my company can perform this service for you at an affordable rate. Additionally, our monthly hosting plan comes with monthly backups and security checkups, as well as an initial audit for security best practices.
Ready to take action?
Lyman Web Design LLC
Wow! I just sped up my website performance quite a bit using Google’s PageSpeed Insights tool. While I still have some work to do, I wanted to share with you some of the things I learned using this tool on my website. If you are a novice web developer, you will find these tips come in handy when you move to speed up the performance your website using Google’s free PageSpeed Insights tool.
Remember that website performance is an important factor in determining your page rank in search engines. If you want to rank high, your visitors need to be able to get access to your content quickly. Long loading screens are harmful to your overall SEO scores.
Here are a few tricks I learned using this tool:
This means inlining the crucial elements of your css and small scripts that you need to load on your home page (the same goes for other pages too). So if you have a script on your homepage that loads a slider showing featured posts, you may consider inlining the CSS for that element of the page if it isn’t too bulky. Too much inline CSS can slow down the page in the long run, but if you can get away with inlining small, crucial elements and make fewer requests to the database to load resources, then all the better.
If you must load several resources in the <head> of your web page, Google recommends Try to defer or asynchronously load blocking resources, if you cannot inline them.
According to Google, “Setting an expiry date or a maximum age in the HTTP headers for static resources instructs the browser to load previously downloaded resources from local disk rather than over the network.”
This isn’t as big of a deal if your server response time is clocked in as being fairly quick, but if your theme is resource heavy, I recommend taking a look to see what you can do to implement a browser cache system on your website. In WordPress, this is as simple as pasting some PHP into your .htaccess file.
Still in the vein of loading resources, keep in mind that your user’s browser has to load each and every image placed on your web page. If your home page uses a hefty background image, as well as several photos for featured blog posts, or an hd photo of you and the crew on the sidebar, all of these resources can stack up. Run your images through an image compressor to cut down on unnecessary space. Oftentimes, you can “losslessly” compress the image and the finished result will be 40%-50% lighter, and still identical to the previous one. There are several plugins available to help you do this in WordPress, or you can just do it manually before you upload your files.
If site performance is important to you (and it should be), these tips should help you dramatically increase your site’s performance if you have any problems with speed whatsoever.
To kick off my blog, I found it fitting to begin with a short introduction to WordPress, the content management system (CMS) I use to host all of my websites for clients (and personal use). Are you considering using a wordpress website for your business? What follows are three reasons why I love WordPress:
WordPress is a superior content management system that evolved from a simple blogging platform begun in 2003. Since then, it has become a tech giant and one of the best options for the web design needs of most individuals and companies. WordPress is the preferred hosting choice for millions of bloggers, as well as many name brand companies like TechCrunch and others. It’s myriad of plugins, widgets, and themes mean that WordPress is only limited by your imagination! Of course, not everything about the system is easy for the non-tech savvy business owner, but WordPress is a huge improvement over many other platforms available on the internet.
I simply love how easy WordPress is to use. WordPress offers so many tools for their users that make designing or using a WordPress website incredibly simple. Their dashboard is simple and intuitive, providing easy answers to a web designers every question as the design process moves along. Whenever I need to debug my installation and answers are not easily found, I can look at the WordPress documentation or support forum and usually find answers right away that solve my problems.
For users, the clean and simple design of most quality WordPress themes (yes, even many of the free ones!) lends itself to an easy, care free experience while they browse your site.
Another benefit of the clean and simple code behind WordPress is that you get a dynamic, updated website that follows the latest standards for sites on the web. The option to add meta tags and descriptions, as well as titles and keywords means that optimizing your WordPress website for search engine visibility is a piece of cake. I recommend Yoast SEO for your WordPress SEO needs.
So you have your new WordPress website set up. What now? Do you need to offer merchandise for sale on your website? There is a plugin for that. Need to publish a church directory that is only accessible to church members registered with your site? There is a plugin for that too! In fact, there are many plugins to choose from so if one isn’t working for you, you can delete it and try another one.
There are many benefits of using WordPress and these three only scratch the surface. For more information about why I use WordPress for my web designs, shoot me an email through my contact form.