With small businesses rushing to get online, it’s important that we all appreciate the need for comprehensive website security — no matter how small the business. Hackers are more active than ever, going after hospitals, government agencies and most recently, Sydney’s Nine Entertainment station.
Every website needs a complete site security tool that includes a firewall, malware scanning and removal, automated backups and SSL encryption. Keep reading for details on each of these elements.
And if you don’t think security is a concern for your small business website, then think again. Any business that accepts online payments or stores customer details in a website database is at risk of having them stolen. Losing them to a hacker means your business reputation could be severely damaged.
Between July 2019 and June 2020, the Australian Cyber Security Commission responded to a cybercrime every 10 minutes on average.
These were not just crimes against big business. Small Aussie businesses were on the radar for hackers too (both locally and globally).
In fact, hackers often have bots crawling the web 24/7 looking for easy targets. The Australian Small Business and Family Enterprise Ombudsman states that ‘small business is the target of 43% of all cybercrimes.’
Why SSL Certificates aren’t enough
Perhaps you’ve added an SSL Certificate to your website in recent years. If you have, then well done.
An SSL Certificate protects data as it flows between your website and your customers, encrypting it on one end and decrypting it on the other.
It lets people know they can safely browse and buy from your website — and even improves your search engine ranking, as Google prioritises websites with SSL encryption.
But it won’t stop hackers from penetrating your website and database(s). It also won’t protect against a malware attack. Even if you have an antivirus solution, this won’t stop hackers from taking control of your website and demanding a ransom before they give it back.
You need a more comprehensive security solution, one that protects you from all angles. Keep reading to see which ones are the best.
GoDaddy’s Website Security: the complete site security solution
Let’s explain some of the features you need to ensure your small business website is protected.
1. Malware monitoring and removal
For most small business owners, you’ve likely never had your site infected with malware. You may not even know someone who has. Even so, it’s not something that should be taken lightly.
I’ve spoken with businesses that have been infected with all sorts of malware and it’s had varying impacts.
For some it’s been a case where malware has created thousands of extra URLs that were then indexed by Google.
While this has little direct impact on visitors to a website, it has grave consequences for its search ranking.
And for others it’s quite literally injected content on the site that can be seen by all who visited.
The problems are many, but the biggest concern for the businesses I’ve dealt with is the time it took for them to know they had a problem. If you’re not browsing your website on a regular basis, then it can be there for weeks before you realise it.
This is where regular malware scanning is a must to ensure the security of your small business website. With GoDaddy’s Website Security, you can even choose how often your website is scanned.
If Website Security finds malware, it will alert you via email. With the Advanced or Premium plan, you have unlimited site cleanups. So all you need to do is jump into your dashboard and request the cleanup. The GoDaddy team will then identify the source of the malware and remove all instances.
Still very much a misunderstood security feature, a firewall intercepts all data requests from your server and analyses them before allowing them into the inner sanctum.
This is the first line of defence against malicious attacks. A firewall turns away suspicious traffic before it reaches your website.
It’s essentially a security door for your website. The firewall can see who it is, find out what they want, then decide whether or not to let them in. And it’s automated, so you don’t need to have a security team analysing each and every request.
A Web Application Firewall (WAF) is the backbone of GoDaddy’s Website Security package and rightly so. Defence is the best offence.
3. Regular backups
Perhaps even more misunderstood is the value of regular backups. A backup is basically a copy of your website. If you make backups regularly (say daily), you’re well-positioned to respond to a hacker’s ransomware demand with a shrug. You simply ask your hosting company to restore yesterday’s copy of your website and off you go.
You can read more about backups here.
4. An SSL Certificate
An SSL creates a secure tunnel through which information like passwords, names, addresses and banking details can pass without interception by hackers.
More and more people are looking for the HTTPS prefix or padlock symbol in their browser bar before submitting their personal information to any website.
A note about DDoS protection
If you’re not familiar with a denial of service (DDoS) attack, perhaps you’ll remember early in 2020 when the MyGov website crashed just as Australians were looking to register for financial support. It was first thought that this was a distributed denial of service (DDoS) attack.
So what is a DDoS attack?
It is a cyberattack that aims at flooding the server hosting a website with requests. The objective? To bring the server down and crash the website.
GoDaddy’s Web Application Firewall will intercept and examine incoming data to your site, which is one of the key assets in protecting against a DDoS attack.
But beyond that, the Content Delivery Network (CDN) included with GoDaddy’s Website Security will distribute your site’s assets across a global network — which makes a DDoS attack on your origin server incredibly difficult.
Website security is not a task for tomorrow
In small business, the demands are many and your time is limited. So we all must prioritise what we need to do. How are you going to prioritise website security?
Don’t put it off.
Avoid damage to your reputation when customers find out their personal details have been stolen.
Implement a comprehensive solution today. Make sure it provides the layer of security noted here, including a firewall, malware scanning and removal, backups and an SSL Certificate. Then rest easy knowing you’re covered.