The sad reality is that hacking is at an all-time high. As with any skill, you need to start somewhere, so it is the small businesses that are under the most pressure from potential hackers. The good news is, is that it is simpler to stop most of the entry-level hackers from making your business a priority. As you move up the food chain of hackers, it becomes more and more difficult to stop them.
Over the past 20 years, we have seen many different scenarios that have nearly led to the closure of some large corporations. We will go through some of these cases and have a look at steps you can put into place, to prevent it from happening to your business.
Domain name security
For us, it all starts here. Having your own domain name is essential for any business. Several of the larger corporates will not deal with a supplier who does not have their own domain name.
Obtaining a domain name is quick and registration is valid for either 1 or 2 years, depending on the domain extension. Making use of a decent registrar will ensure that your domain name is safe. You can separate the hosting from the registrar, so if you are going to use a cheap hosting solution, make sure you register the domain elsewhere.
In the early 2000s, a budget American hosting company went bankrupt without warning and 300 000 domains were lost, or down for an extended period.
The other scenario we have seen is that the company that is due to renew the domain name, forgets to renew the name. Our first experience with this ended up costing the customer $10 000 in 2006. Luckily for them, that was a drop in the ocean, but how many small businesses could survive that kind of hit?
Our advice, make sure that you have a reputable company looking after your domain name. We use Xneelo for our domain name registration and have not had a single problem in the last 15 years.
Hosting security
This ties in, to some extent with the domain name security; hosting level security is more of an everyday problem. Here you get what you pay for. We have yet to deal with a cheap hosting company that does not save money on some part of the hosting experience.
If you are going to look for a cheap hosting company, please go for one that has the most secure hosting environment. We have dealt with a local hosting company that had a blank password for their main SQL account. They regularly had hosted sites that were hacked.
The other step to take is to make sure that you have a good backup solution in place. If your hosting company does not do this for you automatically, there are several free plugins that will do this for you that can be integrated with Dropbox, Google Drive or OneDrive. Please make sure that you are backing up all databases at the same time.
Email backups and recovery
Your email is vulnerable in 2 places. First on the server, and then secondly on your computer. Most of the issues you encounter will be at the local level and should be covered under your standard IT disaster recovery plan.
Server-side email problems are going to depend on how your email is set up. Most businesses will use POP3, or IMAP mailboxes supplied with their hosting account. They are the cheapest solution. If your business makes use of these, please make sure that there is a backup system in place with your hosting company. If they can’t provide one, look at either moving your hosting or look at Google Suite or Microsoft Exchange Online.
Social Media
This has become an increasing area of vulnerability for many small business owners. Hackers take control of a Social Media profile, change the related email address, and lock the owner out. We have seen that people with “free” email accounts like @yahoo.com and @gmail.com are most often at risk.
To combat this, make sure that there are at least 2 admin accounts on each social media account, with different passwords. Make sure that both use email addresses with a reputable service provider that is going to make the spoofing harder for the hackers. From previous experience, the individual platforms don’t offer much assistance and you end up losing everything.
On a final note, we suggest changing your passwords on a regular basis. We are all guilty of using the same standard passwords, which could lead to not only digital marketing issues but could affect your life as well.