- Featured Columnists
- My Business
- Business Insurance
- Communications and Work Anywhere
- Customer Service
- Direct Selling
- Human Resources
- International Trade
- Legal Assistance
- Marketing, Advertising, and PR
- My Office
- Security and Fraud Protection
- Government Resources
- Selling Online
- Starting & Planning
- Travel Resources
- My Cash
- Women In Business
- Industry Solutions
- Social Media
- Calculators and Tools
- My Employee
|Share / Print / Sitemap|
Securing Your Company's Website
A company’s website is an important tool for attracting customers and prospects. The main purpose of a website can vary, from serving as a virtual storefront to solely providing information to the website visitor.
Regardless of the website’s purpose, it’s important to take prudent security measures to prevent the site from falling victim of an attack by hackers and online criminals. Website attacks can run the gamut from relatively benign vandalism or defacement to full-bore attempts to harvest personal or financial information that can be used to commit online fraud.
Some small businesses hope that their comparatively small profile online will help shield them from hackers. While lower traffic volumes can reduce the risk somewhat, automated hacking tools routinely scan websites of all sizes to search for vulnerabilities.
These tools often don’t know (or care) what they’re exploiting, as long as they find a site with weaknesses that they can take advantage of. A small business site may not generate as much traffic as the web’s leading properties, but it’s likely to be considered an easier target.
Knowing the Risks
At the low end of the threat spectrum, websites can be defaced or altered if hackers using automated tools can exploit unpatched vulnerabilities. The primary consequences of these types of attacks are the potential embarrassment for the company and the time and effort required to undo the vandalism.
More serious hackers can upload "drive-by" viruses or malicious software (known as malware) into the website’s code and pass the virus to people who access your site. Similar attacks include using your company’s site to relay spam messages, which could cause problems with your hosting company.
The most serious attacks attempt to steal sensitive information that can later be used to gain access to banking, billing or merchant accounts. When customer data gets compromised in a website attack, you may be required to notify customers under various data breach disclosure laws.
It’s important to think about the potential effects on your business if your website is attacked or taken offline. An e-commerce site would obviously lose business and suffer reputational damage while a site that primarily demonstrates a company’s capabilities could lose some credibility (especially if the company provides technology-related services).
Locking Down the Gates
While it’s nearly impossible to secure a website completely against hackers, a variety of routine measures can make a website secure enough to resist casual attacks.
By following these measures, you’ll reduce the chances (and potential effects) of a web-based attack that can affect your business online.