Inside the Briefcase

Ironclad SaaS Security for Cloud-Forward Enterprises

Ironclad SaaS Security for Cloud-Forward Enterprises

The 2015 Anthem data breach was the result of...

The Key Benefits of Using Social Media for Business

The Key Benefits of Using Social Media for Business

Worldwide, there are more than 2.6 billion social media...

Gartner IT Sourcing, Procurement, Vendor and Asset Management Summit 2018, September 5 – 7, in Orlando, FL

Gartner IT Sourcing, Procurement, Vendor and Asset Management Summit 2018, September 5 – 7, in Orlando, FL

Register with code GARTITB and save $350 off the...

Infographic: The Three Pillars of Digital Identity: Trust, Consent, Knowledge

Infographic: The Three Pillars of Digital Identity: Trust, Consent, Knowledge

8,434 adults were surveyed to gauge consumer awareness of...

FICO Scales with Oracle Cloud

FICO Scales with Oracle Cloud

Doug Clare, Vice President at FICO, describes how Oracle...

4 Website Security Tips For SMEs

October 17, 2017 No Comments

Featured article by Gary Stevens, IT Analyst

Small business owners generally don’t take internet security that seriously. I understand, of course: a lot of SMEs are so focused on their day-to-day business that they have no extra time to worry about the complexities of website security.

There are other problems, however. A lot of small businesses simply think that they have nothing worth stealing, and that they are too small to ever be the target of a cyber-attack. I shouldn’t have to tell you that this is a mistake, but I will.

Bear in mind that website security is about a lot more than just preventing cyber attacks. A properly thought-through security system will also prevent a lot of everyday problems that can cost a significant amount of money. Research on the financial impact of downtime suggests that your website being down for even an hour can end up costing you a lot.

Today, I’ll take you through 4 ways to improve security on your website. None of them will take up that much time, and ultimately could end up saving your company from experiencing downtime, having your data stolen, or worse.

1. The Basics

If you remember when the internet was new, you probably also remember how careful we were in those days about passwords. Nowadays, with so many passwords to remember for so many different systems, we’ve all got a bit lazy.

It may seem strange to mention this here, because using strong passwords is such an obvious way of improving security, but a lot of SMEs have stopped paying attention to this kind of basic security. If you haven’t changed your passwords in a while, or have the same password for a lot of your systems, change them now.

2. Keep Your Systems Updated

Again, a pretty basic step, but an important one. As security experts told the Telegraph recently, hackers never stop innovating, but a lot of SMEs are still using security tools from 10 years ago. Updating these systems need not involve spending a lot of money on security consulting, but merely a few hours spent researching new solutions.

It’s also important to realize that a lot of standard systems, such as Windows, have a lot of security features built in, but also that these are next useless unless they are updated. If you see one of your employees click that “remind me later” button, be concerned.

3. Train Your Staff

This leads onto my next point. A lot of security breaches are actually caused by poor staff practices. Most of the time, vulnerabilities creep into systems because staff take shortcuts that improve their speed and productivity. This is great, but if it comes at the cost of making your systems unsafe, should be highly discouraged.

The key, here, is staff training. Even staff who have been working with computers for years are sometimes unaware of practices that might are second nature to you. Again, implementing staff training need not be expensive – you probably already have a member of your team who is more tech-savvy than most, and organising short peer training sessions is often enough to improve your overall security.

4. Look At Your Infrastructure

If you really want to take security seriously, you need to look at the infrastructure your are using. While this may sound complicated, it’s not. It merely requires the realization that every system you use can introduce vulnerabilities into your IT, and that you therefore need to look at some basic systems that you may have forgotten about.

Of particular note here is your web hosting provider. If you’re business has been going for a few years, perhaps you’ve even forgotten who that is! However, be aware that not all web hosts are equal, and research suggests that your choice of web host can have a huge impact on the security of your website.

5. Create A Secure Environment

I know, I know, I said there would be only 4 tips! However, creating an environment in which security is taken seriously should be your ultimate aim, and is the most important part of any security strategy. As Jennifer Shiels, a member of the UK Home Office’s Cyber Aware Campaign, recently told the Telegraph, “protective behaviours should be as second nature as locking front doors”.

What this means in practice is making sure that all of your staff take internet security as seriously as you do.

Gary Stevens is an IT analyst working the DC area. He’s a part time blogger and blockchain enthusiast.



Leave a Reply




Gartner IT Operations

SuperCharge Your Cloud

American CISO

IBC 2018

ITBriefcase Comparison Report