Protecting Your Business Website

You wouldn’t install a cheap lock for your front door, so why make your password easy to guess? A strong password is a quick and simple way to make sure your business website is secure. Too many business owners rely on using simple and easy-to-remember passwords across all their websites and devices. If one account gets hacked, every application and website that uses that password is in danger.

A strong password has these four elements:

• 12-14 characters long
• A mixture of uppercase and lowercase letters
• Uses numbers and symbols in combination with letters
• Unique to website

You can also use a two-factor authentication as an added barrier. Two-factor authentication (2FA) checks two contact methods before allowing someone to sign into your account. In most cases, a notification goes to your email or phone number with a secondary code you’ll use to gain access to your business website.

An SSL (Secure Sockets Layer) Certificate isn’t a physical paper you display on your website like a college diploma. SSL certificates allow your website to use an encrypted connection, which secures the communication between a website and its users. Installing an SSL certificate on your business website protects you and your visitors’ private information.

SSL certificates appear in a website’s web address as an ‘s’ in the first part of the domain name (for example, https://www.northwestregisteredagent.com). Without an SSL certificate, websites are open to cyber attacks, and search engines like Google warn visitors away from them.

Get top-shelf SSL security, free for 90 days, when you hire us to be your registered agent or form your company. After your free trial, it’s just $9 a month to keep your website security active, and you can cancel anytime. 

You don’t need to be a website security professional to use the top tools in the industry to secure your website. Many anti-virus and anti-malware software is available for free or a fee for the public to use. Depending on what website builder you choose, you can even use some of the tools and plug-ins they have available.

For example, most web hosts offer these website security tools by default:

• SSL certificate
• Firewalls
• Cyber attack monitoring
• Regular website backups

There are additional features, add-ons, and plug-ins web hosts or website builders offer for their paid accounts. You can also purchase software from private sellers. But be sure that its from a trusted programmer and is compatible with your business website.

Web Application Firewalls or WAFS protect websites from potential hacker accounts. You can think of firewalls as shields against nefarious visitors trying to attack your website. There are different types of WAFS you can use but they all operate on a blocklist or allowlist procedure.

Blocklist WAFS block any user or traffic you deem harmful to your website or that may pose a risk. Allowlist WAFS only allow pre-approved users on your website. It’s important to know that WAFS don’t protect your website from all types of cyber attacks, but they are a helpful tool for stopping most cyber attacks.

Keeping a website updated goes beyond changing phone numbers and office hours. You’ll need to be sure to check any virus guards, security plug-ins, and certificates to see if they are expired or even malfunctioning. Don’t worry, though, most website builders offer auto-updates.

To turn on auto-updates on a WordPress website, follow these steps:

1. Go to your admin dashboard by signing into your WordPress business website
2. On the left-hand side of your admin dashboard, click Updates
3. Within Updates, click Enable Automatic Updates

Depending on what add-ons you have on your business website, you can also set them to auto-update plug-ins and other applications. Even with auto-updates turned on, be sure to have a schedule for checking your website for needed updates or vulnerabilities from outdated software.

Backing up your website means saving all the information or data, like email addresses, payment methods, and photos. Website backups keep you from losing important information if you’re blocked from your site after a cyber attack. You can backup your website by using a specific service or by using a plugin offered through your website provider.

To backup your business website on WordPress, you’ll need to:

1. Go to your admin dashboard by signing into your WordPress business website.
2. On the left-hand side of your admin dashboard, click Plugins
3. Search for backup plugins in the available features
4. Select one that has the additional benefits you want, like auto backups and security monitoring
5. Once selected, go back to the plugin dash
6. Select the backup plugin you picked and go through the setup steps

A good habit to have is to backup your website every time you update it or on a schedule. Backup your website more frequently if you have a large site with lots of traffic and transactions.

If you are the only owner and member of an LLC or corporation, you only need to keep yourself aware of these website security components. Companies with multiple members and employees need to make sure everyone is aware of cyber attack risks, like phishing. Phishing attacks are when a hacker uses fake communication to gain access to your website.

For example, you receive an email from a hacker pretending to be a website administrator requesting you update your password. Once you click a link in the email or provide the sender with your password, you’ve given a criminal a key to your website and potentially your computer. To protect your business from phishing and other cyber attacks, make sure you and your employees know how to identify cyber attacks. The Federal Trade Commission offers educational resources like quizzes for small business owners and their employees.