Even if you’re not a high tech company, cybercrime is still one of the biggest threats to your business. Phishing, brute force attacks and ransomware are increasingly affecting millions of businesses of all sizes. Cybercrime is everywhere, so much so that there’s a digital blotter detailing activity. Cybercrime is even a huge business in itself, which makes it highly attractive to malicious coders.
- A 2017 study found that there is a hacker attack every 39 seconds. That means in the time you take to read this post, at least 5 websites will be breached.
- In 2018, the rising cost of cybercrime was $600 billion globally, leading to billions more being spent on cybersecurity.
- According to the Annual Cybercrime Report, there’s a ransomware attack every 14 seconds.
But you’re a small business owner and your site is not popular or even worth hacking right? Wrong.
In fact, almost half of all Cyber attacks are targeted at small businesses, and that number is on the rise. Yet, only 14% of those businesses have taken measures to protect themselves. Often, small business owners think that their businesses are too small to be worth getting hacked. Yet, that’s exactly why they are being targeted.
Size is also a budget issue. Hackers are increasingly going after small business sites because they know they don’t have a huge budget to invest in proper cybersecurity, making these sites potentially more vulnerable. But, you know that hacking is not going away, which means you must find effective and affordable ways to protect yourself.
Do you want to add your business to that 14% who are doing something about cybercrime? The good news is, if you have a WordPress website (or other CMS), there are effective measures you can implement that will not incinerate your operating budget:
1) Use two-factor authentication (2FA). 2FA is a simple yet effective method to make it more difficult for hackers to breach your login page. With 2FA, all users need to provide login details for two different components, such as a regular password and a secret question, code or set of characters. If you are the only one logging in to your site, then an even better option is the Google Authenticator app, which sends a secret code to your phone.
2) Rename your login URL. By default, WordPress names your login page with the extension /wp-admin or /wp-login. Obviously, hackers look for these names all the time. Changing the name of your login page can help eliminate up to 99% of brute force attacks. To do this, use the iThemes Security plugin.
3) Change your passwords. Often. And when you do, make sure to make them as complicated as possible. This sounds like a no brainer, but sadly, the most used passwords last year are embarrassingly easy to hack. Most people have problems trying to organize and remember complicated passwords, but there’s a solution! Password managers are growing in popularity, and here is a list of the best ones.
4) Install an SSL. An SSL (Secure Socket Layer) will keep the data transfer between your browser and the website server secure, so hackers trying to breach the connection or spoof your content will find it tough going. Most hosting companies will offer an SSL as part of their hosting packages at no additional cost.
5) Whoever laughs last has a backup. You probably made a substantial investment in your website and rightly so as it’s the most valuable tool you have to market your business and make money. That being said, you simply must have a backed up clean copy of it in the event something bad happens to it. Consider the alternative: no website, no rankings, no accessibility – and no business. A costly scenario indeed. Again, check with your hosting provider to see if they offer website backups as a service. There are also many plugins available that can make backing up your site a breeze.
5.1) Update, Update, Update. With WordPress, it is absolutely essential to keep all the elements of the backend up-to-date or you are risking a situation where security flaws can develop, opening opportunities for hackers to infiltrate. Find out more here about keeping your site’s backend up-to-date .
The above actions aren’t difficult or expensive to implement, and the benefits are worth the effort. Taking these few, simple actions can mean the difference between having a profitable website and a debt-ridden business. Hackers are always looking for (and developing) new ways to take from you. It’s time you gave them something they have long deserved – dashed hopes.