Five steps to keeping your website secure

TIEM Design, one of our core members here at The Cyber Resilience Centre for the West Midlands have written this guest blog on website security and 5 simple things you can to do to make your website more secure.


The internet is such a fast-paced environment for any size business, which is why it is important to keep up to date on the essential elements. Of course, you need to think about your SEO and how your website is getting found to enable the key function of your online presence. However, you also need to protect your site from security breaches, especially with e commerce websites.


Don’t let your website become vulnerable

If you are trading online, it’s vital to make sure your website is secure. Your customers will be entering personal details such as their address and card information and placing their trust in your company. To ensure you protect them and their information, it is important to make them feel safe as well as to actually be safe when purchasing on your website.

A business of any size can be attacked, in fact quite often small businesses are targeted because they are small and attackers believe it is easier to breach their security and cyber defences as any action may go unnoticed for longer periods of time.

1) Use a website hosting provider who are strong on security.

Hosting your website shouldn’t be decided by price. To keep your website protected, check that your hosts have a secure server as well as excellent support if there is an issue.


TIEM Design always use GoDaddy as they provide hosting packages that are secure with options that are tailored specifically for WordPress, as well as their excellent 24 hour support with human advisors on the end of the phone. Having people to talk to and guide you through solutions is a great reassurance if your defences are down and an important consideration in choosing your hosting provider.


2) SSL Certificates

An SSL certificate creates a secure connection between your users and your website.

An example of this could be if you have a contact form on your website that takes a user’s email and phone number. If the site is without an SSL certificate, those details are sent to the server as they are inputted. A hacker is then able to gain access to the user’s IP address and other information from their computer.


With an SSL certificate, all of this information is sent encrypted. Therefore, this is vital for ecommerce websites where a customer’s address, payment details and other personal information is shared.


3) Payment gateways

An easy way to get customer data away from your website is using a third-party payment gateway. There are many secure options out there such as Stripe and PayPal. By using a gateway, it protects your customers further as their payment details are not on your website and this then means that your website becomes less risky as a result.


Using these gateways means that you’re using the experts in ecommerce data handling, it is common practice to use this approach and let them do what they do best! Your clients will be used to using other third-party gateways so they will know the processes and safety level, feeling reassured by your choice in online transaction process.


4) Keep your website updated

As hackers seek to find weak entry points, website providers are there to find ways to fix them. However, if you don’t update your website then you are still at risk of these.


Many of our clients find it challenging to keep on top of their website updates and security management, needing to focus their time on other elements of running their business.

We offer monthly maintenance packages to keep on top of these for our clients and ensure that we are part of the line of defence against any possible breach of security.


5) Get your policies straight

Getting your policies straight right from very beginning supports how your website is maintained. Starting with good habits and well embedded processes to stay onto top of updates and policies will set your website on a strong path for the future.


Actions that may seem small can make a huge difference such as using secure passwords as a team and constantly resetting them as regular intervals and making sure that all of your policies are in line with GDPR requirements and are up to date.


This also develops security practices within the business, for example never holding client data, and keeps your team aware of how to work within best practice to keep your clients and your site as safe as can be.


Find out more about how we can help you to develop your online presence in safety at www.tiem-design.com




The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the West Midlands is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others.  Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the West Midlands provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

 

The Cyber Resilience Centre for the West Midlands does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the West Midlands is not responsible for the content of external internet sites that link to this site or which are linked from it.