Business Advice for all UK firms from starting a business to flotation

Business Website Security Advice: How to Keep Your Customers Safe

Regardless of the product or services you’re selling, the size of the industry or how complex the platform is, security is paramount.

Every business website needs protection. According to the Cyber Risk Outlook 2018 report from the University of Cambridge, there are, on average, 4,000 ransomware attacks per day. On top of ransomware attacks, you've got DDoS attacks and a host of other threats out there in cyberspace. When you piece all of this together, the need to secure your website and, in turn, your visitors becomes apparent.

As a business owner looking to protect their online interests, you should look into the following as essential tools of the trade.

Web Application Firewalls

The most effective way to avoid the OWASP ten most common online threats is to use a customizable web application firewall (WAF). Essentially a gateway between your web application and the wider internet, a WAF will filter incoming traffic and protect against threats such as SQL injections and cross-site scripting. The benefit of using customizable software is that it utilizes real-time data to process traffic based on your requirements. This can be particularly useful in highly vulnerable industries and for avoiding false positives (i.e. blocking traffic that doesn't need to be blocked).

Secure Payment Merchants

If you're planning to accept online payments, a recognized processor is essential. For those well-versed in modern technology, cryptocurrency solutions such as Bitcoin are an option. However, despite being extremely secure, these systems are still in a fledging state. The most common methods are credit/debit card and eWallets such as PayPal. In addition to selecting a reliable payment processor, you need to consider the medium you're using. Around $1 million worth of e-commerce transactions are processed every 30 seconds. According to the same source, around $270,000 worth of business happens on mobiles. Therefore, you need to select the most secure method for the medium you're most dominant in.

Two-Factor Authentication

Perhaps the simplest area that many websites fall short in is logins. Cybercriminals often attack unprotected or poorly constructed login pages before anything else. Indeed, if passwords aren't correctly hashed or a page is easily forged for a phishing attack, hackers can steal user data with very little effort. One of the best ways to protect against this is to insist visitors use two-factor authentication. Using a simple app such as Google Authenticator, users are given a unique code each time they want to log in. These code works in conjunction with their username and password to ensure that only those with access to Google Authenticator can access the account.

Naturally, like all of the provisions highlighted in this guide, nothing is 100% secure, 100% of the time. However, if you can incorporate two-factor authentication logins into a platform that's protected by WAF technology, you can avoid the 4,000+ threats your online business will face every day.

Share |

Post Date: December 7th, 2018