6 Best Practices for Security on the Web

6 Best Practices for Security on the Web

Security for your website and all digital platforms is a crucial aspect of your online presence. We’ve all seen the headlines about what happens when an organization has been the target of a large-scale security breach. However, many aren’t aware of the millions of daily attempts made on a personal level. Hackers try to compromise the security of your accounts and the information they hold. We put together six tips that can help protect you and your organization. 


1. Create Strong Passwords

Gone are the days when you could just use your dog’s name as a password and confidently go about your day. So what classifies as a password as strong? The more variety in the type of characters used in a password, the stronger it is. In other words, it increases the possible variations and makes it harder for hackers to crack. 

Many platforms have implemented requirements to increase password strength, but even when they’re not required, it’s best to follow all of these guidelines:

  • At least one uppercase letter
  • At least one lowercase letter
  • At least one number
  • At least one special character
  • At least 12 characters (see an image created by Hive Systems below to see the significance of 12)


2. Use a Digital Password Manager 

Sending passwords is not ideal, because it creates a digital record of your credentials and can be identified if an account is compromised. However, it’s common that teams need to collaborate and share platform accounts to accomplish their tasks. The best way to do so safely is to use a digital password manager. At Speak, we use LastPass which has a vault that includes sharing features, password generation, reminders to update passwords, and more. We use it at an organizational level, but there are personal plans as well.   


3. Secure Your Website

When you visit a website, there is an indication to the left of the URL of whether or not the website has been secured with an SSL. Google has increased the importance of having a secure site by making it a significant factor in search result rankings. Browsers have also updated how they indicate this information. In the past, the difference was pretty subtle; just a grey lock icon in the locked or unlocked position. Now browsers have started including tags that clearly state “not secure” to emphasize to users if they are on an unsecure site. While this doesn’t mean there’s an active threat, it does imply risk. Either way, the notice is often a deterrent for users on your site. 

To learn more or request having an SSL implemented on your site, simply contact our support team, gethelp@sitewrench.com.


4. Know where your domain is registered to avoid scams

A common scam we see is an invalid notice to renew your domain. Sometimes the date of expiration may line up with your true domain expiration, but the message is from an unknown source and they ask for money and/or account details to be sent by replying in that thread. These are malicious attempts to compromise your account. It’s important to know who your domain registrar is so you can avoid becoming a victim of these scams. 

5. Avoid Phishing Attempts

In addition to domain-related scams, countless other phishing attempts are made every day. Phishing is a term that was coined to describe malicious attempts to compromise users’ accounts by baiting them into phony requests. 
In cases where you see or sense that a message may be suspicious, the first thing to remember is don’t click anything. Pay special attention to the actual email address it came from; sometimes they use familiar name labels, but they actually come from an unknown source. If you’re not sure if it could be a phishing email, try to contact the person by a different method to confirm.

I received this email from what looked like our CEO a few days ago. While Speak has heavy spam filters that flagged this message as dangerous, your organization may not. Additionally, hackers are getting smarter about their scam language so be careful when responding to emails that might feel out of the ordinary. Trust your gut! 

6. Know the Landscape of Your Digital Accounts

It seems like every time you get online, you’re prompted to create a new account or enter an email address simply to browse. It’s a lot to keep up with! For your website and marketing efforts, there’s a standard list of accounts you can expect to have, as well. These include (but aren’t limited to):

  • Content Management System (CMS)
  • Domain registrar
  • Social media accounts
  • Email marketing platform
  • Ecommerce site and/or payment gateway account
  • Third-party integration tools

Not all of these require frequent access or maintenance, making them easier to slip off the radar. When an urgent need arises our team is ready and willing to help but can be stalled while organizations track down their account access and credentials. This not only slows down your marketing efforts but can prolong the time it takes to resolve security issues. 

Having a full understanding of what platforms you use, who owns the account, and how they relate to your digital marketing landscape contributes to your marketing initiatives and mitigates risks.

Let’s Chat 

At Speak, security is of paramount importance. If you need help practicing these security tips or are unsure if your current website provider takes security seriously, we’re here to help. 

Get In Touch         

Posted by Megan Jones at 08:00
close