We talked in a previous post about how building a custom website is an investment for your business. But what are you doing to protect that investment when it comes to security?
During our time in the industry, we have heard stories from business owners about the security issues they've faced. Some have even had to go as far as to remove their website due to a breach. Knowing the time and effort that is put into building a custom website, one can only imagine how frustrating it would be to have it hacked.
There are a number of potential reasons your site may be at risk, including your hosting provider, the strength of your login credentials, and/or the vulnerability of your site’s plugins.
Security is a top priority for our team. Although we are designers, both Amy and I spent a number of years working for technology firms. We've been in that world and understand the steps it takes to stay protected and prevent security breaches.
We use this knowledge to protect our clients and their investments. When we build a website for your company rest assured that we vet each and every CMS component for quality. Additionally, we provide your team with techniques and instructions for maintaining the life and security of your website once it's launched.
Time is money and the time dedicated to building your website should not become a loss due to security. Starting today there are a handful of things you can test and update on your website to make sure it's protected.
• • •
The first step is to make sure your website is running the latest version of WordPress. If you're a few versions behind, we highly recommend pulling a backup of your site first before running updates, in the event that there are compatibility issues. Now check that all the plugins on your website are using the latest version too. Update them one at a time and check the front-end of your site in between to make sure nothing on the page(s) has stopped working. If your web developer has done their job well, you should have very few issues when updating plugins or WordPress. It's important to note that some plugins may require the purchase of a new license before updating. While it's not always necessary, we recommend that you do so to ensure the security and longevity of your website.
The next step is to remove any site users who are no longer active. Inactive users are a door for hackers and without knowing how secure each user’s passwords is, you could be putting your website at risk. Speaking of passwords, make sure you are using a unique and strong password. Have your site users update their passwords on a regular basis and provide them with instructions for creating more secure passwords. Here is a quick guide on how to make a strong password. It’s important to know that passwords are not the only credentials that must be secure. Your username could be at risk too if you’re still using the default “admin” or “administrator”. Here is a quick guide on why and how to change the default username on WordPress.
Finally, review your hosting provider. If your not familiar with who they are, we advise that you read reviews online to find out what kind of experiences other companies have had with them. There are a lot of affordable and quick options out there. But when it comes to protecting your website you should be looking for reliable, secure, and trustworthy. Here a some of the top providers we recommend for your WordPress website: WPEngine, Flywheel, Siteground, or Dreamhost.
• • •
Protect your business by protecting your investment. If you do not have someone on staff who can keep up the security and hosting of your website then we advise you to reach out to an IT firm in your local area. If you have questions about protecting or updating your website we can be of assistance. Send us a message and let us know how we can help you.