Every business that stores employee, business partner or customer details in an electronic database or on a website has the responsibility of keeping that information safe and secure. Yet all too many small businesses allow website security to fall to the bottom to-do list because they have so many other things to worry about.
The reality, however, is that small businesses can no longer afford to ignore cyberthreats such as hackers and malware. Laws such as the Protection of Personal Information (PoPI) Act dictate that South African small businesses treat all private customer details they manage or store in a secure manner. Besides, the consequences of falling victim to an information breach or ransomware attack can be devastating.
GoDaddy research found that 7% of small South African businesses reported being victims of a cyber-attack. For those who did, the consequences were severe. Those attacked reported that it shut down their business for some time, customers couldn’t reach them, they had to spend money to repair systems, and they lost access to accounts needed to service their customers. Could you afford to lose your customers’ e-mail addresses or be unable to quote or invoice for a few days?
With large companies spending so much money and effort on information security, cybercriminals often regard small businesses as a softer target. The good news is that it’s no longer as complex, time consuming or expensive as you might think to protect your assets (your data and sensitive customer details).
Here are five simple security best practices that will help you win your customer’s confidence and trust:
- Get an SSL certificate for your website
- Use a trusted website host
- Do regular backups
- Monitor your website
- Use strong passwords
Let’s dig into each of the tips in more detail.
1. Get an SSL certificate for your website
An SSL, or Secure Sockets Layer, certificate is a must for every website. This certificate encrypts data sent to your website and the customer’s browser, so that someone who intercepts the data will not be able to read it. That means customers can be sure that no one can steal their credit card information when they’re making a payment on your website, for example.
An SSL certificate is what gives trusted sites the green lock in the address bar. That lock icon is proof to visitors that you care about their data. Your site looks safe and it’s making the internet safer. If a customer visits your website and there is no SSL, their browser will warn them. They may think you are running an unprofessional or downright dodgy outfit.
In addition to giving the customer peace of mind, SSL gives Google confidence in your website. Without an SSL certificate, Google Chrome will mark your site as “not secure”, which can affect your rankings in search results. There is no point failing at this hurdle after all the effort you put into search engine optimisation (SEO).
Check out our SSL Certificates to find out how easy and affordable it is to get your own little green lock.
2. Use a trusted website host
Website security begins with choosing the host. Look for a hosting partner that has a strong track record in keeping its customers’ websites safe and that can offer a selection of tools that make it easy for you to manage your website. GoDaddy offers a variety of security tools, including malware removal, to help protect your site. You can also opt for a managed hosting solution, which takes much of the weight of security off your shoulders and makes it the job of an experienced provider.
3. Do regular backups
Even if you are doing nearly everything right, there is always a small chance that a new malware variant will slip through the net or that a hacker can find a vulnerability in your software that grants them access to your data. That’s why you should back up all your website data and all your sensitive information. That way, you can recover and restore your data if your website is compromised. GoDaddy offers some useful tools that enable you to schedule automatic backups, so you don’t need to worry about it. You can just get on with your life knowing you are protected.
4. Monitor your website
You need to be proactive if you want to stay one step ahead of the bad guys. Take advantage of tools that can help you monitor and ward off cyberthreats before they can even touch your website. GoDaddy Website Security, for example, automatically runs security scans on your website to keep nasties like malware away.
It will warn you of malware, blacklisting on Google and cyberattacks. If your website has already been infected with malware, GoDaddy offers Express Malware Removal to help fix your website when it’s hacked. That means you can relax. Your site is safe, fast and has proactive, 24/7 malware protection.
5. Use strong passwords
One of the most common ways small business owners open themselves to cyberbreaches is by failing to take care with the passwords they use. For example, if you leave the password for your website admin account on a Post-It note in your office, anyone who visits can take note. Or if you use an easily guessed password like ‘guest’ or ‘12345’, a hacker might guess it and gain access to your customer details.
Here is how to manage your passwords:
- Do not use the same passwords on multiple websites. If one website you use is compromised, you don’t want a cybercriminal to be able to use the same password on every single account you have on the web.
- Use at least 12 characters and mix up letters, numbers, upper case, lower case and symbols to make it impossible to guess your password.
- Change your passwords every three months.
- Store your passwords in a password manager so you don’t need to keep track of dozens of complex passwords on paper or in your head.
Keeping your customer’s data safe
Follow the website tips above and use the security tools we recommend to protect your website and your customer’s details from online security threats such as various types of malware, DDoS attacks and e-mail phishing scams, among others. Plus, securing a website with an SSL certificate helps build trust with website visitors. It’s every bit as important as locking your doors every night.