October is National Cyber Security Awareness month, and here at Webspec we are strong advocates of keeping our clients up-to-date and aware of any changes in internet or website software. The web is an ever-changing landscape and oftentimes it’s difficult to stay on top of all the news reports of various security breaches, hacks and leaks. For example, it seems like all of us (3 billion accounts in total) were affected by the Yahoo breach a few years back, and the vulnerabilities at Equifax have left many of us wondering what’s next.
So if you’re a business owner, how do you keep your website and your visitors safe? There are several things that you can do to protect your data and to stay ahead of hackers.
Consider Your Password Security
In case you were wondering and didn’t want to ask, “Password” is not an effective password. In a blog earlier this year, we discussed the importance of strong passwords, as well as an SSL certificate on your website. To reiterate some of the items in that blog, some of the most important things to remember on the web are to use strong passwords, and preferably different passwords for every site you log into. By having a different password for each website, it minimizes the negative effects caused by a massive data breach such as the one at Yahoo, and many password keeper apps have built-in password generators that then store the passwords immediately. If you’re nervous about having random computer generated passwords for all your sites, try to either choose a ‘passphrase’ that resembles more of a sentence, and prioritize your logins. Perhaps you’re okay using a weak password for your old Myspace account, but please have a strong and unique password for your banking and email!
via GIPHY
Get An SSL: A Cozy Security Blanket For Your Website
So what does an SSL have to do with cyber security? Let’s begin with what an SSL actually is and how it works. Simply put, an SSL certificate, which stands for “Secure Socket Layer,” encrypts information sent to or received from a website. It changes any information that would otherwise be sent plain-text over the internet from a server to a browser to be indecipherable.
SSL certificates are becoming more and more important in our world of ever-present online threats. Your domain appears with “https” as the prefix to your domain name instead of the non-secure version, “http.” Websites ask for passwords, user logins, personal information on contact forms, credit card information, and even social security numbers, all the time, and without SSL protection, all of this information is like low-hanging fruit for any hacker or botnet.
Why Are SSLs Beneficial For Your Website?
In addition to security encryption, adding an SSL comes with bonus perks that are highly beneficial for your business:
- Secure sites on HTTPS rank higher in search results than nonsecure sites.
- HTTPS loads your pages faster than HTTP. Since users can drop off your site with every millisecond of loading time, speed is essential to getting customers to convert on your website.
- Furthermore, since a speedy pageload contributes to a better user experience, Google rewards fast-loading websites by favoring them in search results.
- HTTPS gives you more data in your website’s analytics. Referral data shows a specific link to an HTTPS website instead of “direct” for HTTP.
What Will Happen If I Don’t Get Around To Getting An SSL?
Your website (and possibly your business) will suffer in the long run without an SSL, not just for security but in search results. Google Chrome and other web browsers are soon making it much more obvious when websites are insecure.
Starting on October 17th, the next update to the Chrome web browser will have a large “Not Secure” warning in the address bar when visiting insecure websites. Over time, these warnings will likely become more noticeable and more difficult to circumvent. In fact, in the Firefox browser, there is a large intrusive pop-up warning next to any input field on an insecure website.
What is Webspec Doing to Secure Sites?
At Webspec, we take your privacy and web security very seriously. We already use very strong passwords and secure servers. However, as mentioned above, a lot of security, especially on the front-end of websites with the end-consumer, has to do with the presence of an SSL certificate. Due to the changes with the Chrome and Firefox browsers, starting in October, we are requiring all websites that host with us to have valid SSLs installed on them. Any websites that are not hosted with us, we still recommend installing them and can assist you with that as well.
In today’s age of nearly infinite cyber threats, you can rest assured knowing that Webspec’s developers and project teams are looking out for your best interests. If you have any questions or concerns about your cyber security, please don’t hesitate to reach out to us to chat.