Online safety: wrapping your business website in bubble-wrap

The Internet can be a fun and exciting place to explore or expand a business, but harmful computer viruses travel around using it, as do hackers, and they could seriously damage your businesses computers, servers and reputation.

When was the last time you took a look at your website and wondered what would happen if there was a server failure? Is vital data being backed up? What if a hacker was to infiltrate my database and website scripts? How long could your company survive being offline? These questions need answering, as damage caused by online computer viruses can be catastrophic!

We have heard horror stories from new clients who have previously either lost data due to corruption of hard discs, viruses spreading in their system causing an endless amount of havoc. We always recommend that they address this issue as a few preventative measures can be what will save their business’s reputation and keep them trading should the worse happen.

In a security health check we carried out for a client who had a dedicated server hosted by another ISP, we established that their MS SQL database was not being backed up regularly and also their website files and data were only being stored in the live dedicated server. This is an extremely worrying and alarming situation considering their whole business runs and is operated online, from customers carrying out orders to the management of client data and sending orders to suppliers. Staff commissions and business reporting was all being handled by the online application we created.

When we spoke to the client we raised concerns and said “what would happen to your business if your server was to stop working and all data on it was lost? What would be the cost and damage to your business?” He replied by saying years of data and work would be lost and the business would literally have to start again from scratch.

We all assume that our website hosts will keep a backup for us and we just rely on this. In many instances this is not the case, especially so if you are leasing a dedicated server or Virtual Machine. In the example above, our client had a security test carried out by their merchant account provider and the results of the test showed that ports were open, secure certificates encryption rates were not set high enough and there were various other server vulnerabilities.

The things to look out for or ask are;

  • Ensure your ISP backs-up your data, otherwise arrange for an automated backup of important information
  • If your site uses SSL Certificates, ensure that they are properly installed and are at least 128 bit encryption
  • If you have leased a dedicated or virtual server, is support included? If not, are you backing up data? If it is included, is the Support Company or IPS backup the data for you?
  • Have you checked your sites scripts to ensure that they pass basic security checks? There are various online tools which allow you to check for basic vulnerabilities.

If you invest in the right security precautions, whilst there will be some up-front costs, if these measures ensure that your business can remain operating in a disaster, then the money saved will definitely outweigh the initial outlay and reduce the exposure your business will have to the many risks which exist online.

You wouldn’t leave your office door unopened, allow people you do not know have access to your client list and allow them to use your office stationary. Why think any differently when creating or hosting your website?