A website is the house of a brand or business. Thus, it needs to be taken care of like your own home and make sure it is secured at all times with locked doors, windows shut, and have security measures in check. You can never have enough vigilance and protection on your site because once it is hacked, there might be data that you may no longer be able to recover. Even the smallest website still averages 62 hack attempts a day according to Wordfence.
Here are 10 website unmentionables that you should have on your website today. I suggest that you go through each and every one and discuss it with your team or the person in charge of your website development and see whether you have everything you need. I hope this helps you like it helped me.
#1 Appoint a team or a person who will be in charge of maintaining your website
Let’s face it, we don’t know what we don’t know. And if website development and maintenance isn’t in our zone of genius then we should hire and assign someone who can do it for us. Maintenance is the best investment you can do for your website and business.
A chain of command is essential in this area because websites are remarkably complex pieces. Sometimes, breakdowns happen because of just 1 plugin and you need to know who to approach and talk to when this happens. Accountability within the team is super important. If they are in charge of this, add it to their position description. If you are outsourcing it, then you need to be clear about their roles and responsibilities.
#2 Register your domain name under your name
What often happens, especially when it’s the first website of a business, is that the owner doesn’t know that the website designer has registered their domain name in the web designer’s name and not theirs. As a business owner, your website is like your real estate. So you need to own your website, your URL – and that means naming it under your name. If you don’t own it you can lose control of who has it, where it is, and how to log in. When it expires, your email also expires. Know your dates, your website host, where it’s registered. These are super basic but really important stuff.
#3 Keep domain names forever, especially if you have emails under those domain names.
It’s quite common for a few businesses to change names. If you decide to change one of your business names but already have a registered website and emails under that domain name, never ever stop renewing that domain name. Why? If you have an email attached to a domain name, a hacker can re-register your domain and get access to your emails and do things like phish and take personal details to use it for things that we don’t want. So keep your domain name so you have control over those emails.
#4 Always keep backups
We have websites and we all think that those are backed up but sometimes they aren’t. Don’t rely on your host to do your backups. Because you can be attacked by hackers or ransomware. Do your own backups. You can do that on Google Drive or Dropbox where even you can retrieve data even if it’s erased. It’s a really good option for smaller businesses.
#5 Delete unused plugins and themes
Look at your website as your digital home. It is so important to shut and lock your doors and windows when you leave your house. A classic example of keys to your door are themes and plugins. Make sure that you are always up to date with your plugins and themes. If they are not used, delete them. It is so important to maintain these and always have someone who can check on it.
#6 Keep your username secure
Another key to your front door is your username to log in to the backend of your website. The most common name that people have is admin and the hackers know that. If you have that as your username, first thing you do is set up a different username and password.
#7 Have a very secure password
You want to have a unique password for every single site. One suggestion is that you find the phrase that pays. It might be “I go to Facebook to buy my milk on Tuesdays” take the first letters of that phrase, add some symbols and numbers and it becomes unique.
#8 Add a security alarm / security plug in
A security plugin works like a burglar alarm. It checks people who come to your website. Some of them, like Wordfence, is a particularly good one that has dual factor built in. if someones trying to log in you’ve got to have those double numbers, dual factors to try and get someone through.
#9 Build a wall by having a web application firewall
A web application firewall screens people before they can get anywhere near your site. It checks IPs to see whether they’ve been involved in various things, they look and try to find vulnerabilities and if it picks something up they block them. Particularly for high sensitivity sites definitely look at Cloudflare Pro or SecureEyes. You want to keep people at arms length away from your sensitive data. A high sensitive site is anything that has confidential data.
#10 Don’t have your emails go through your hosting
Emails going through hosting is cheap but if hackers hack your site, they can hack your emails too. For any health-related business you want your emails to be done by G-Suite or Office 365. Talk to a good IT person, get it set up and get it as far away from your hosting as possible. It’s more secure and more effective for your practice.
All of this is all about increasing the safety of your business, clients and yourself online because all of these things go together. Invest in the maintenance and security of your website, especially if you are dealing with sensitive data.