I’d just like to thank Ron Sela for featuring this post on his blog. This site is a tremendous source of information on content marketing and SEO, and I’ve found it to be so informative. I particularly enjoyed this article, What is the Impact of Social Media on Your Marketing. Check it out here.
Marketing content in today’s fast-paced world has never been more exciting and challenging. As the competition continues to heat up, the battle for domain authority and page ranks rages on. We use the latest figures, download the latest apps—anything we can do to make sure our site is reaching as many viewers as possible.
It goes without saying then, that often the last thing on our minds as online marketers is internet security. It’s just not at the top of our priority lists. We’ve got links to build, posts to promote, markets to target. Who has time to worry about something like cybersecurity?
The reality is, you need to make time. Website hacking isn’t just something that happens to the guy with “123456” as his password. According to a 2012 Sophos Security Threat Report, something like 30,000 websites are hacked every day, and it’s not just the big fish either. Major retailers are often a target and certainly make headlines when massive data breaches occur.
Huge companies like Home Depot, Sony, Target and even VTech have suffered massive data breaches in recent years, resulting in hundreds of thousands of credit card numbers falling into the wrong hands. Chances are you were affected in some small way by at least one of these data breaches.
These were huge companies that were hacked, with massive budgets for an IT department and data storage. If they can get hacked, isn’t it a reasonable assumption that you can too? In today’s day and age, it’s not fear mongering; it’s a statistical probability that, at some point, someone is going to try to infiltrate your site.
Cybersecurity and Liability
If you’re not taking steps to ensure that your site is secure against hackers, you could be backing yourself into a corner legally. Managing any kind of client data, even just mailing addresses, means that you have a responsibility to your customers to ensure that their data is safe and secure. Failure to do so can actually open you up to legal action.
If you’re not taking steps to make sure that your site is as secure as possible, if and when a data breach occurs, if it’s seen that you were being haphazard with security practices, you could be found negligent and largely at fault for what happened with your customers’ data.
It was a conversation that was being had with the notorious Ashley Madison hacks last year. With such poorly managed security, was the company at least partly to blame for the hacking incident? It’s a question that nobody ever wants to be on the other end of, but ultimately, you have both a legal and ethical responsibility to your customers and readers to keep your site secure.
There is no one size fits all security plan, and hackers are clever—even all of this may not be enough to keep your site secure. However, following a few simple steps like these can mean the difference between compromising the reputation of your site and maintaining a reliable, secure image.
1: Always Use Strong Anti-virus Software
It’s security 101, but sometimes it just needs to be said. Always, always have a strong anti-virus program running on any device that you conduct business on, including tablets and smartphones. Malware has gotten even more sneaky and aggressive, and now ransomware is wreaking havoc with many people’s devices.
If you store any kind of company data or client information on your device, ransomware can sneak in and literally hold it hostage. This malware works exactly the way it sounds, “capturing” your files and holding them until you pay a ransom fee.
Anti-virus software doesn’t just protect against these kinds of threats. It keeps you from falling into traps online, following dangerous links and even in many cases can spot out phishing attempts and scams in your webmail and social media accounts. Anti-virus software has come a long way in recent years. Get a feel for what’s out there, and be prepared to pay a yearly license fee.
Anti-virus software has even come a long way with identifying phishing attempts in your webmail. This is when scammers try to contact you with what appears to be a legitimate email, usually requesting some seemingly benign piece of information, in an attempt to steal your personal info.
However, anti-virus can’t spot it all, and some programs don’t work with webmail, which is what the majority of internet users use an email service. Always be wary of any email that asks you directly for information, even if they appear to be from a company you’ve worked with in the past. To be on the safe side, if they ever ask you for information or direct you to a link. Do not click the link in the email. Instead, open a new tab and enter the URL yourself.
All too often, scammers are setting up fake look-alike pages to trick victims into filling out forms and revealing sensitive personal information. These pages can look identical to the legitimate ones you’re used to seeing, so the only way to weed them out is to always go to the site on your own.
2: Be Selective With Cloud Storage
Cloud computing is an excellent way to take your work on the go with you, but it also means that you’re entrusting a third party to manage your files and privacy. There’s a lot to be said for the convenience of online backup services and cloud storage, but you need to be pretty selective about who you use when you’re running a website.
Most of the data breaches that have happened with cloud storage services have actually been a result of internal issues with employees. Notorious celebrity photo leaks immediately come to mind. Must more troubling though is the idea that your customer’s information could be compromised.
Make sure that you put any cloud storage service through a thorough vetting process before you use them to manage files on the go. Look for companies with geo redundant file storage, and make sure they give you the option of setting up a private encryption key. This is like an account password that only you would know, so that even the company would not have access to your files (just make sure you don’t lose it).
Manage permissions to these kinds of accounts carefully. Only give access to employees who absolutely need it. Make sure than anything you store in the cloud is being encrypted, and make sure that the upload process is done on a secure network or with a Virtual Private Network (VPN). This way, even if your data is intercepted, or there is a data breach with the company, your privacy is still protected because your files were encrypted.
3: Keep Your Plugins and Browser Up to Date
It’s easy to fall into the trap of putting off updates, and it’s understandable. There are just never enough hours in the day, and it always seems like you get those little notifications when you’re in the middle of a huge research session or firing on all cylinders with some fresh content.
The thing is, the longer you put it off, the more you’re opening yourself up to the possibility of attack. Don’t get too comfortable with using outdated versions of your internet browser or online marketing extensions. The longer these versions sit on your system, the more likely it becomes that someone out there has had enough time to insert some malicious code.
There’s a reason these apps are updated so frequently, and it’s not just improvements to the app’s performance. Security vulnerabilities are often addressed in newer versions, and hackers have a harder time infiltrating newer versions.
The same thing goes for anything on your device. Keep your computer’s operating system, anti-virus software, browser—everything—up to date to avoid security vulnerabilities.
4: Secure Your Network
Network security is a major concern when you’re dealing with online work. Make sure that wherever you handle business, the network you’re on isn’t open to just anybody. Change the default name of your router for starters. Many hackers can use this information to determine the manufacturer and ISP, and use that information to take advantage of your network.
Also make sure that your network is password protected, and keep that password private. Public customer or guest WiFi needs to be on a separate network that you’re comfortable with handing out the password information for.
You can even take things a step further and opt to encrypt everything that’s sent over your network by installing a VPN on your router. VPNs are online services that encrypt your data and hide your IP address, effectively making everything you do online more private and secure.
VPNs are most well known for being used to get around content filters and access geo-restricted services like Netflix overseas, but with most of them using military grade encryption, they’re also a great way to protect yourself from hackers. Most come with unlimited bandwidth and at least two connections per account, so setting one up on your router should be no problem.
5: Avoid Public WiFi or Take Precautions
On that note, it’s also important to be honest with yourself about public WiFi. Convenient though it may be, public WiFi hotspots are notorious for attracting hackers. With a really simple setup that practically anyone can figure out, someone can actually intercept your data on a public network while you’re working, and you’d be none the wiser.
This is another scenario where a VPN comes in handy. You can install one on practically any device, so many sure you use one any time you’re on an open, unsecured network. Lots of VPNs actually have settings that will allow them to start up automatically on coming into contact with a network—handy if you’re prone to forgetting.
In addition to using a VPN on public networks, some basic device settings can be adjusted to protect your privacy as well. Go into your network and sharing settings, and make sure things like “network discovery” are turned off. This setting allows other users on the network to see your device and can present you as an unwitting target to hackers who might be lurking.
You should also disable things like device and public file sharing. Unless you need to do some local file transferring (which isn’t advisable on a public network), there’s just no reason to have these settings turned on. It’s the virtual equivalent of leaving your back door ajar. You just never know who may decide to wander in.
6: Limit Those With Admin Privileges
If you have multiple staff working on your site, keep in mind that it’s really ideal to give them the bare minimum of privileges. If they don’t need admin status, don’t give it to them. Ultimately, it just means that one more person other than yourself has the authority to make major changes to your site, and unless that person absolutely needs that clearance, it’s just taking an unnecessary risk. Don’t worry about sparing feelings. It’s a simple matter of security.
On that note, make sure that anyone with access to your site is also up to speed with basic security practices. Have them familiarize themselves with how things are supposed to look, and make everyone a security sentry. If something looks amiss, the more eyes you have on the lookout, the more likely it is to be spotted.
7: Practice Solid Password Security
It might seem like a very basic topic in cybersecurity, but it is one that needs to be discussed time and time again. The importance of a strong password just cannot be overstated.
According to a recent report by mobile security company TeleSign, three out of four people use the same password for multiple accounts, the majority of which have been the same for at least a few years. Of those people, 40 percent have had some sort of security issue in the past year. That means that of the people that have poor password habits, two out of five are paying for it.
Password security does matter, so make sure that with your website you aren’t taking any chances. Always choose a password that is completely unique to the account, or you run the risk of the daisy chain effect, in which one hacked account could give someone access to everything you have.
Choose a password with both upper and lowercase letters, numbers and symbols, and try to change it every six months if you can. If you have a hard time remembering passwords, look into password management services like LastPass to make it easier on yourself.
These services just require you to remember one ultra-secure password, and in turn they store and automatically enter all of your login information for you when you’re signed in. Most operate as a browser extension, and are incredibly handy for the absent minded content marketer that wants to up their security game. These programs are also a great tool to use with staff – it means that passwords stay secure, and you’re not constantly having to retrieve them.
The same precautions with phishing emails we mentioned earlier apply here as well. Make sure you are always entering login information on a legitimate site, and always use your own bookmarks or type in the web address yourself to make sure you’re on the real site. Never login from a link in an email.
Market Yourself as Reliable with Better Security
When it comes to marketing online content, we’re all after that elusive viral factor that makes our links spread like wildfire. We’re looking at page ranks, networking, making connections all over the place, but what are we actually doing to shore up our online reputations?
The thing is, it can all come crumbling down like a house of cards in an instant with the right amount of exposure to the wrong thing. If the first thing about your business to go viral is your latest data breach, you’re hardly setting yourself up with a successful future. Protect yourself, and protect your customers. Get serious about cybersecurity.
Take these tips to heart, and make sure that you’re at the very least incorporating sound password and network practices into your work routine. As your site grows and your business expands, start looking at incorporating professional help in securing your site against hackers.
Remember, your site is a free platform with a built-in viewer base that any hacker would be happy to get their hands on. Make sure you’re as proactive about protecting it as they are about getting ahold of it.