The internet has become a mature marketplace, and increasingly small factors differentiate online enterprises when consumers visit ecommerce websites. In light of recent scandals about the misuse of customer data, website security is now a key trust factor and a leading metric in retaining or losing custom.
WestHost knows all about site security. We’re often among the first to identify new threats or challenges, so we’re ideally placed to recommend how clients could improve their own website security. These five steps could make a real difference to the security and dependability of your company’s online presence – and even its long-term future…
#1. Upgrade to SSL.
A Secure Sockets Layer encrypts information being sent between your website and a client device. That means that if sensitive data like credit card details is intercepted, it cannot be interpreted or deciphered – it is completely unreadable. Customers are increasingly reluctant to trade with companies without an SSL certificate, the presence of which is demonstrated by a padlock, an https web prefix, or a green browser bar. Acquiring an SSL certificate is relatively straightforward, and WestHost has an order form in our member’s area. We’ll even help you install the certificate once it’s been created.
#2. Outsource payment portals.
There are considerable regulatory burdens involved in storing customer data in-house, particularly for firms trading in the EU post-GDPR. It’s far simpler to outsource payment processing to a third-party agency. External providers may involve consumers briefly navigating off-site, but this is usually a smooth process. You might also want to consider electronic payment services like PayPal and Stripe, which adopt responsibility for storing financial information on your company’s behalf. WordPress websites often deploy WooCommerce – an out-of-the-box payment solution that doesn’t hold onto personal data.
#3. Keep software up to date.
The previous point touched on WordPress – a composite site-building tool believed to underpin a quarter of the world’s websites. WordPress’s ubiquity is partly thanks to its directory of over 55,000 plugins, performing unique roles and ready to be bolted onto the main platform. Sadly, plugins are only as robust (or secure) as their developers, many of whom are enthusiastic amateurs. Some plugins stop working, while others are retrospectively patched as website security issues come to light. Keeping plugins updated is crucial for preventing criminals accessing your site via vulnerable interfaces like web forms.
#4. Regularly change passwords.
Can you guess some of the most commonly used passwords in America? If you came up with ‘123456’, ‘qwerty’ or ‘password’, you deserve a medal, unlike those who jeopardize website security with such predictable passwords. If a hacker is able to penetrate a site’s defenses, he or she could steal any information stored therein. And since most companies don’t survive data breaches, lazy passwords are an avoidable disaster in the making. Compile random passwords containing upper and lowercase letters, numbers and symbols. Change them periodically, or whenever a staff member leaves. And consider two-factor authentication logins for additional user security.
#5. Choose a proactive hosting partner.
Unless you’re confident about keeping a website live on an in-house network, you’ll need a hosting partner. These firms act as a bridge between data and clients – hosting and distributing content while keeping it safe. At WestHost, our data centers have military-grade security, staffed with knowledgeable IT professionals. We use servers capable of shrugging off DDoS attacks and repelling zero-day malware attacks, which are launched as soon as they’re created. We mirror site data in multiple locations to keep websites operational, with round-the-clock tech support should any issues arise. In other words, it’s time to stop worrying about security – and start concentrating on finding more customers…