Your website is your reputation - How to protect it?
Imagine your website is hacked. Strange images and content appear, or it is down/inoperable for days. Everyone who comes to your website discovers you have been hacked. Your clients and partners imagine their data is stolen or that you as a Company are not operating online. What would the impact on your revenue and reputation be?
If you market or transact through your website, the impact to your business could last for months. And as we continue to work primarily remotely, it impacts a gamut of business sectors as never before.
To defend against website hacking, you need to be proactive and follow a few best practices as a Company Team.
4 key fixes to help safeguard your company's online data and reputation in 2021.
1. Website Filter Input
The most common security flaw exploited by hackers to access websites are Injection Attacks (including script injection, shell injection and SQL injection, cross-site scripting, operating system command attacks and dynamic evaluation attacks).
These kinds of attacks involve criminals adding malicious code to websites that can steal your data, take control of your websites or download malware onto your devices and more.
The best defence is a web application firewall that updates its threat database in real time to keep you safe from the latest attacks. Imperva and Sophos XG offer a Web Application Firewall and CloudFlare has an initial freemium website monitoring service.
Code injection can be prevented by providing cybersecurity awareness training across your employees (such as not opening suspicious links).
2. Encrypting Sensitive Data
All sensitive data on your databases – such as user passwords, credit card details and sensitive cookies – need to be securely encrypted, or they risk being exploited by hackers if your system is accessed.
Ensure that passwords and other sensitive details are never stored as plain text and only use industry standard level encryption.
Users on your network should also be discouraged from reusing passwords across multiple accounts to minimise breaches further. Password Managers like Roboform and Votiro offer solutions to easily and securely store passwords to ensure passwords aren’t reused or oversimplified for easy memorisation. They’ll even generate random passwords for you.
3. Identifying and Prioritising the Cyber Risks to Your Company Continuously
A virtual consultation with a cybersecurity expert will identify the risk priorities for your business and your industry, providing customised, affordable and easy to implement security solutions.
WhiteHawk, Cyrisma and Black Kite are commercial vendors that can help you identify and prioritize cyber risks continuously and effectively.
4. 24/7 Breach Response
Even with the best website security, human error or other factors can result in data breach or website hack. As with fire, you need a ready-response plan in place so that you can act effectively and immediately, by having a team standing at the ready to assist and limit the damage. Companies like Rendition Infosec and WireX provide 24/7 breach response services so you don’t have to hire a dedicated, in-house security team.
Comprehensive Security Solutions for SMB and Enterprise
Barclay Pearce Capital client WhiteHawk (ASX: WHK) offers free consultations to help businesses of all sizes identify their website security vulnerabilities and match them to affordable solutions.
WhiteHawk is focused on next-generation solutions that leverage publicly available data sets, Artificial Intelligence (AI) based analytics, and online risk platforms that scale to identify, prioritise and mitigate a breadth of digital age risks in near real-time. Their methods have been tested and evolved with government departments and Fortune 500 companies.
Using machine learning, any business can access their online and virtual service to help you discover, learn, receive immediate online matches to top solutions, find insights, affordable vendor products and services, or chat with smart cyber advisors in real-time, so you can take smart action and own your cyber success story.
To keep up to date with what's happening with WhiteHawk and the cybersecurity industry as a whole, subscribe to the Whitehawk Chairman’s List.
