The holiday season isn’t just a busy time for online shoppers in search of the perfect gift, it’s also peak season for hackers to target eCommerce sites. So it might be a good idea to use a website checker to ensure your site’s security is up to scratch. Remember, small businesses in Australia pay an average of $4,677 to free their data from a ransomware attack.
Online sellers escape many of the security challenges faced by traditional bricks and mortar stores — from handling large amounts of cash to thwarting determined shoplifters.
Yet running your own web store comes with a new set of challenges you can’t afford to ignore. An eCommerce site without adequate security could lead to loss of revenue and reputation should you be the victim of a cyberattack. Many small businesses simply can’t survive such an event.
How to use GoDaddy’s website checker
Thankfully, it’s simple to check whether your website’s security is in order. The easiest way is to use GoDaddy’s website checker. Just copy and paste your web store address into the box above, then click Check My Site.
If your site is judged “Secure” that’s a good sign. If it’s flagged as “Not Secure” then you need to get your SSL certificate in order before you do anything else. This digital certificate is purchased and installed via the internet. Once installed, it protects all exchanges between your website and your customers from interception.
More and more people know they should never enter payment details into a website without HTTPS encryption.
In fact, Chrome now warns people before they visit a web store or website that lacks encryption by labelling it “Not Secure.” Such sites start to plunge in Google search rankings — a real red flag for customers.
To earn Google’s (and your customer’s) stamp of approval, you need to employ SSL encryption on every page of your website, not just at the online checkout.
Thankfully SSL certificates aren’t expensive and GoDaddy offers a range of options depending on whether you’re looking to secure:
- A single website.
- A single site, along with all its subdomains.
- Multiple websites.
Next up: scan for malware
With your SSL certificate sorted, your next line of defence is a malware scanner. This checks your web store regularly, looking for signs that hackers have tried to sneak in. Their goal is most often money, since they can sell names, addresses and credit card numbers on the darknet. They’ve also been known to plant malware that then infect visitors’ computers.
Once again, it’s not just about ensuring security but also protecting your reputation — customers whose computers have been infected with malware from your site won’t come back. Even worse, they’ll warn their friends to stay away.
Automated tools like GoDaddy’s Website Security scan your site for malware every day, undoing any damage they find. Website Security locks the door on hackers, ensuring that you don’t get stuck on Google’s malware blacklist.
The Deluxe and Ultimate plans also include a Web Application Firewall (WAF) to filter out malware before it ever reaches your website. The WAF even shuts out Distributed Denial of Service (DDoS) attacks, which can shut a web store down cold.
Now cultivate a few good habits
Hackers are always coming up with new ways to break into websites, so eCommerce security can never be set-and-forget. You need to remain vigilant to ensure that your business and its customers remain safe. You can do this by following these rules year-round:
It’s important to install the latest software updates to your eCommerce platform, along with updates for any plug-ins as soon as you’re notified there’s an update available. Along with new features, these updates often contain security patches designed to combat emerging threats.
Most online attacks rely on known security gaps that have already been patched. Hackers are banking on the fact that many eCommerce site owners haven’t got around to installing the latest updates and are still vulnerable.
Get serious about passwords
It’s also essential to use strong and unique passwords to keep out uninvited guests. Where available, enable two-factor authentication which protects you by requiring two separate pieces of information to log into your accounts. This doesn’t just apply to your eCommerce platform, it also goes for your:
- Hosting account.
- Online banking.
- Cloud accounting package.
- Any other sensitive service that you can’t afford to have hacked.
Don’t be fooled
You, your employees and contractors also need to be awake to the tricks hackers use to fool us into infecting our own computers. Hackers often target businesses with ransomware attacks — so often, in fact, that ransomware is Australia’s fastest-growing malware threat.
Ransomware attacks often start with an innocent-looking email — an unpaid invoice, overdue bill or unclaimed tax return.
The idea is to trick you into clicking an infected attachment or malicious link in the email, which then encrypts all your important business files, shutting you out of your own system. The hacker then demands payment for their release.
If you’re not a sole operator, then you need to ensure that everyone who has access to your business systems takes all the same precautions, as it only takes one weak link to break your chain of security. Staff training is a key line of defence in any business’ cybersecurity.
Back up regularly
Despite your best efforts, cyberattacks can still hit their mark. Your best insurance policy is a solid backup regime so you can quickly get back on your feet.
Running the occasional manual backup doesn’t really cut it when your business is at stake. Unless you can afford to lose weeks or even months of important business data, your backups need to be automated and regular.
Along with backing up your files, it’s also important to back up your website, so you can get it back online quickly if something goes wrong. Thankfully website backup is built into many hosting packages.
Secure your web store now
A website checker is a great first step for diagnosing your security risk. From there, be sure to work through this security checklist before the holiday season gets under way. Hackers don’t discriminate; even the smallest websites get hit.