- Shop around when choosing a web host - Web hosts aren't created equally. Some offer 24/7 customer support, back up client websites nightly, and perform active threat monitoring. Others don't. To avoid a buyer beware situation, ask your web host what sort of protective measures they use. A good host should use a firewall which parses all incoming traffic before allowing access, and train staff in security threats and prevention measures. A good host should also offer malware and threat prevention and protection. Before you commit, ask any web host for customer testimonials or references, as Huffington Post suggests.
- Know the threats - The more you know, the more you can do to monitor your website against threats. Follow blogs from your web host, and from antivirus companies like Sophos and MacAfee. Computing and internet notables like Gizmodo, CNet, Slashdot, ZDNet, Smashing Magazine, and Wired are other knowledge bases. Not only can you learn industry best practices and trends by doing this, you'll have an ear to the ground when security issues arise. Familiarize yourself with phishing, malware and online identity theft using online resources from Antiphishing.org and IdentityTheftProtection.org.
- Organize and back up your own data - As a website owner, some responsibility falls on you to maintain data backups. Ensure that you have at least one current website backup at all times. McAfee recommends encrypting any personal data stored on your devices so that criminals cannot obtain your business financial records or important passwords if a laptop or USB drive becomes lost or stolen. Maintaining encrypted backups ensures that you can get your website up and running again quickly if something goes wrong.
- Pay for website security protection - As a second line of defense, consider paying extra for security protection including malware and phishing monitoring. As the Better Business Bureau's Katherine Hutt tells Bloomberg Business Week, small businesses are especially vulnerable to hacking since they often lack extensive IT staff to target the problem. The Better Business Bureau itself was subject to the second largest phishing scam in the U.S., which subsequently threatened many small businesses. Consider a $200 investment in annual website security money well spent if it means less active time spent monitoring websites for SQL injection, malicious code inserted via web form, phishing emails and other attacks.
- Use secure socket layer certificates (SSLs) anytime sensitive information is exchanged - Not only is this good business practice, it can prevent third parties from spying on information exchanged via web form, shopping cart or other user-submitted text exchange. SSL certificates initiate a secure connection between the user's web browser and the host server using a cryptographic key and padlock. A user shopping via a secured website will see a small padlock and the letters "https" instead of "http" in the URL bar, according to GlobalSign.com. Adopting SSL anywhere customers must provide information can increase your reliability and trustworthiness, and protect both enterprise assets and customer relationships.
5 Ways to Protect Your Website from Cybercrime
Security giant Norton reported that 431 million adults in 24 countries experienced cybercrime in 2012, with losses totaling $388 billion. As a website owner, preventing cybercrime protects your business data, preserves your reputation and generates customer goodwill. Adopt these 5 practices to begin securing your website from cyber threats: