3 min read
Cyber attacks have become more and more frequent as the world becomes ever connected by technology. Millions of attacks take place ever year as...
As a business owner, securing data is important, but websites and social accounts are often forgotten or assumed to be safe. With increased cyber threats, every small business should be vigilant and prevent being hacked. The good news is you dramatically reduce the chances of your website and social media accounts being hacked by taking a few simple steps.
Anyone can become a victim. Recently, The Army's social feeds were hacked, while snow window artist, Tom Baker, fell victim to a hacker posing as an Instagram official - the account was deleted after he refused to pay the Bitcoin ransom. Here are some handy ways to protect your website and social media accounts against hacking attempts:
Before anything else, it's important to know that there are various types of cyber-attacks. Here are a sample of threats:
Phishing or spam - typically email, but can also come in the form of post, phone, in person, website and social media
Malware - infected systems and networks, including ransomware
Denial-of-service attack (DDoS) - Overwhelming a network with a flood of superficus requests which could bring a website or other system down - e.g. credit card machines
Understanding that there are various threats and that each needs addressing will help to understand that cyber security today is about implementing multiple layers of cyber defences.
If you don't know much about these threats, don't worry. You can ask cyber security experts to implement a package of cyber security defences to protect your organisation.
Use strong passwords when accessing online accounts like social media sites, email, or banking websites. For your safety, passwords should contain at least eight characters - we recommend putting three worlds together and using a password manager. Also, make sure you use different passwords for different accounts. This way, if someone gets access to one account, they won't have access to other accounts.
In addition to using strong passwords, implement multi-factor authentication (MFA) when logging into any online account. Multi-factor authentication requires users to enter a code sent through text messages or phone calls instead of just entering their username and password alone. This method makes it harder for hackers to gain access to your accounts.
Social media providers Facebook, Twitter, Google+, LinkedIn, Pinterest, and Instagram all offer MFA, so ensure that you set it up.
One of the best ways to protect your website from hackers is to update software regularly. Make sure that your website, any plug-ins, and apps (including social media and scheduling tools) are updated with the latest version. Security updates counter new vulnerabilities, so it's important to accept updates.
To avoid losing data due to an attack on your website, ensure your website and social data is backed to a separate location. While some Content Management Systems provide version history, which can help in instances where content is accidentally/intentionally deleted or overridden - this data is not saved in a separate location, and you still risk losing data if your website is compromised.
Website providers, for example, WordPress, HubSpot Wix and Shopify, do not automatically backup your website to a separate location. Often, content and data can be exported manually, for example, bulk export blogs in WordPress. Also, data from Facebook and Twitter can be manually exported. However, some providers, such as LinkedIn and Pinterest do not have bulk export capability.
While exporting content manually does backup data to a separate location, an automated solution is highly encouraged. Automated backup is completed regularly and never forgotten, but will require a third-party SaaS solution provider such as SocialSafe.
Enable SSL encryption on your website. SSL stands for Secure Sockets Layer, and its purpose is to encrypt communication between your web browser and the server hosting your website. Encryption helps maintain privacy and gives visitors confidence that your site is safe. If you don't have SSL enabled, you risk having your website hacked.
Also, your clients and prospects may not be able to reach your website at all if an SSL certificate isn't detected. Browsers such as Chrome block websites without an SSL and most internet security settings will block insecure websites.
Educating your employees about cyber security issues is one of the most effective ways to minimise the risks associated with cyber-attacks. They need to understand how they can help reduce the chances of being targeted by hackers.
For instance, being aware of suspicious emails and links from outside organisations. Download our free cyber awareness email campaign and endorse a positive cyber-culture to your employees.
If a third party looks after your social accounts or website, then follow your third-party security policy. As well as signing an NDA, ensure you regularly review their access and ask them what security steps they are taking to protect your login credentials. Ideally, your marketing agency or outsourced social media manager should be Cyber Essentials certified or be working towards the certification.
Cyber insurance is becoming more popular because it helps to manage cyber risk. Most insurance policies cover damages caused by hacking attempts, malware infections, phishing scams, loss of data, and other similar incidents. This type of insurance covers costs associated with restoring your business after a security breach.
Speak to our trusted insurance brokers, Gravity Risk Sevices, for advice about cyber insurance.
As an SME, keeping data secure is a top priority. The security of your website and social media accounts should not be forgotten. The good news is that the security of your website and social accounts can be easily improved. By using the tips above, you can reduce the risk of becoming victim to common website and social media cyber-attacks.