Website security breeches are on the rise in Canada. Thirty-three of 125 Canadian companies who took a recent Malwarebytes survey had paid ransoms ranging between $1,000 and $50,000 to have the cyber attackers release their data; 11 of them temporarily closed down to cope with the breech.
Regardless of whether you store data such as customer contact info and credit card information, you should be doing everything in your power to secure your site because downtime while you try take back control of your site, and fix the mess the hacker may have made, is costly.
Here are two easy ways you can enhance security of your website:
Get an "SSL" certificate for your website’s URL
A cheap and easy way to add a level of security is to buy a Secure Sockets Layer (SSL) certificate for your website domain. An SSL helps protect your website from attacks, and lets your visitors know your content is reliable and secure. Here's how it works: when you add an SSL to your website, a user’s connection to it will be encrypted, which prevents hackers from intercepting any data.
It's possible you already have an SSL; here's how to tell: rather than your website address beginning with http:// it will begin with https:// and you will see a padlock icon in the URL bar.
And some good news: an SSL is easy and cheap to set up. Contact the company you buy your domain (URL) from and they'll have pricing and setup instructions. To give you an idea of the price to expect, Go Daddy currently offers an SSL for under $100 per year.
Choose your CMS carefully
Security is a huge pro for building your site on a closed-source platform such as Squarespace or Shopify. These platforms have professionals responsible for keeping the system safe. Plus, they are liable if a security breech happens. If you build on open source platform like WordPress then security is your responsibility to setup and maintain.
You likely already have a site, so if it is built on open source, you'll want to ensure you are protected by working with a professional who understands security. They will likely keep a close eye on your login page, PHP code, temporary files, plug-ins and old web applications (all the places hackers usually find their way in).
This is just the tip of the iceberg when it comes to web security, but get an SSL and do your best to secure your CMS, and you'll be well ahead of many other B2B companies. Once you have taken care of these two steps you'll be ready for more advanced security measures.