Is your website an asset or a potential liability?
A well designed website offers the business owner numerous advantages, it acts as a source of information for potential clients, it actively promotes the business owner and it can generate a multitude of leads and business opportunities. As a business owner you must have heard this a thousand times from many different sources, however having a website can also be a potential liability that could cost your business and damage your businesses reputation.
As businesses have embraced the Internet over the last fifteen years so has Malware (Malicious software) evolved and become more and more complex. Early forms of malware sought to generate high profile nuisance attacks, but today its aims are increasingly pernicious, focusing on theft, keyboard logging and other illicit activities.
If your business website has been infected, it is generally because some vulnerability has allowed a hacker to take control of your site. The hacker may change the content of the site (for example, to add spam), or add additional pages to the site, usually with the intent of phishing (tricking users into parting with personal and credit card information). Alternatively, they may inject malicious code (malware)—for example, scripts or iFrame that pull content from another website that tries to attack any computer that views the page.
The term “malware” covers all sorts of malicious software designed to harm a computer or network. Kinds of malware include (but are not limited to) viruses, worms, spyware, and Trojan horses. Once a site or computer has been compromised, it can be used to host malicious content such as phishing sites (sites designed to trick users into parting with personal and credit card information). Some hackers may even take administrative control over a hacked site.
Let’s think about this for a minute, if someone finds a vulnerability in your website, it’s code, the server software or any think else (I’ve even seen hackers exploit a vulnerability in one website to gain access to many other websites on a server) they can potentially take over your business website.
Just what would happen if your business if this happened to your business website?
Imagine a website visitor coming to your website to purchase something and then being exploited by malware on your website, imagine distributing malware to others or being the victim of spam malware or anyone of the other things malware does.
This could seriously affect your business, it could close down your website and it could seriously impact on your bottom line.
Let me share with you a real life case, Business A is a small extremely well respected business, it services its clients and looks after them in a manner many other businesses aspire too. It gains a lot of customer from referral, these people generally check Business A out on the web and then either email or call. Business A has a nice website that looks good and seems to work, Business A promotes it with social media and with some online advertising which does generate new customers. Everything is good with Business A, the business operatives do what they do best until one day the business owner notices a sharp drop in website enquiries, he puts this down to the school holidays and continues on… however the children go back to school and new orders drop off completely, website visitors are down and now he is getting told that his website is blacklisted.
Business A now takes notice, he calls in his IT guy who checks everything out and they find that his website has been hacked and malware of some sort placed upon it. This has resulted in his website being blacklisted and most people visiting the website being notified that it is unsafe to do so.
Business A is now in trouble, orders have dried up online and he cannot use his website and his email is causing some concern too … as the domain name is blacklisted. Eventually the IT guys rebuild the website and start the task of removing the website from those that have blacklisted it, this is no easy task.
Eventually the orders and enquiries will come back, however the whole process has taken weeks and weeks and the affects to the business could potentially be felt for many months to come.
So what can you do to protect yourself?
- Make sure your website and all of its core components are always up-to-date, this generally means that most websites need to be updated in some form or another monthly. If you cannot do this yourself make sure your website designer / hosting company are doing it for you, and do make sure you are running the latest version of PHP… that is often overlooked.
- Employ a specialist Malware Scanning Company that will scan your website daily and that will remove any malware found.
- Monitor and check your website regularly.
- Backup your entire website at least weekly but ideally daily.
- Ensure website passwords and usernames are changed regularly and are as strong as they can possibly be… i.e. dfdDJ#7p3Fdg^5F as opposed to your pets name.
- Use a Content Delivery Network it helps secure your website, keeps it online when your server is offline.
The secret to dealing with Malware and Hackers and even server crashes for that matter is to assume that one day it’s going to happen to you and to be prepared to act when needed, this is why we suggest you backup your website so that you can more or less instantly restore your website to its original condition.
As you can imagine, we include for all of this and much more with our maintenance plan which has been designed to provide all of the services businesses need, check it out at http://websitedesigns.com.au