There’s no excuse for not taking web security seriously – especially during National Cyber Security Awareness Month (NCSAM), which officially kicks off on October 1. You probably have all sorts of security features installed on your computer to help protect your hard drive from malicious threats; however, do you ever think about protecting your organization’s website and information stored online?
If you and your online business are ready to take the next step in cybersecurity, check out these five website security recommendations for any company.
Implement Security Measures Before You Need Them
Security is a preventive measure, not a reactive one. Any security service is best put in place as early as possible, so you’ll always be ready. Just as the saying goes, “it’s better safe, than sorry.” Being well prepared for any and all attacks will give you peace of mind knowing that your information is protected.
Utilize a Web Application Firewall (WAF)
OSI layer 7 is that small part of the Internet’s infrastructure that sits closest to users. Although this is a critical place requiring security protection, it is too often neglected. A WAF is a useful way to patch up many security vulnerabilities or tiny cracks in the system. There are WAFs for companies of all sizes, but it’s best to find one that offers free Distributed Denial of Service (DDoS) protection.
Encourage Safe Security Practices
A security system is only as good as its users. All the security in the world won’t protect you if your login credentials are guarded by a weak password. The absolute worst password creation practices? Using the same password everywhere, setting your username as your password or choosing an obvious password like “passw0rd.” Have trouble remembering passwords? Don’t become one of those people whose passwords are written on sticky notes stuck on your desk. Keep your passwords stored somewhere safe away from your computer.
Always Plan for the Worst
It’s easy to install antivirus software and never give it a second thought. But if the unthinkable does happen, you don’t want to have to think up a solution on the spot. You need to be ready for the worst-case scenarios, including how to recover from DDoS attacks or information deletion. Also, it would be wise to be ready to take action and disclose attack information to your online customers if need be. Preparing in advance might seem unnecessary, but your website users will appreciate your prior planning.
When exploits are identified, software companies release patches and updates to remediate the issue. This goes for software on your computer, as well as CMS tools. If you get a reminder to install an update, don’t wait. Updates can help keep your website healthy with the most recent security patches.
Properly protecting websites is one of the first steps every business should take in cybersecurity. Remember, a protected web surfer is a happy web surfer! Be sure to check staysafeonline.org for more updates regarding NCSAM during the month of October!
About the Author
Jon Dunbar is the Localization Manager for Cloudbric, a cloud based web application firewall that offers comprehensive website protection from online cyber security threats.