How to Keep Your Website Secure and Healthy
My clients are entrepreneurs and small business owners. Most of them are busy running their businesses; they don’t have time to properly manage their websites. So it’s no surprise that, when I come on board, I often find their websites in a state of disarray.
Websites that are not tended properly are usually out of date, at risk for security breaches, and littered with unnecessary files that clog bandwidth and impede website performance, making sites cumbersome for visitors to use.
These problems are difficult to see. I’ve worked with many folks who know that there are software updates available for their websites but they never make the updates because failing to do so never results in any repercussions. A website can go months — maybe even years — without an update before a hack or some other security breach slips in. But the failure to make the update does leave a website at risk.
This is just one of the many reasons it’s a good idea to have a professional managing your website. However, there are some things that any website owner can do to make sure their website is safe and secure.
Keep Your Website Secure and Healthy
Today I’d like to share some tips to help website owners keep their sites secure and healthy. Remember, your site might look and function fine while it is at risk for mild to serious problems.
- Keep all website software up to date. This is the single biggest risk factor for most websites. Outdated software, including content management software (such as WordPress) and extensions (such as plugins), leaves a website vulnerable to a wide range of attacks.
- Run regular backups. Even websites that take every security measure possible can get hacked, especially if they are targeted. Regular backups mean that if your site is compromised, you can get it back up quickly and easily. The regularity of backups should be directly based on how often you update or change the content on your site.
- Make sure your files are optimized. This is an issue I’m seeing more and more these days. With the advent of content management systems, anyone can run a website. Many people are uploading raw images to their websites without first optimizing them. The images are often too large, both in dimension and file size, causing websites with only a few pages of content to be hundreds of megabytes in file size. This can cause a range of problems, from impeding the ability to run, share, or store good backups to causing a site to load slowly (or even lock up) for visitors.
- Password storage and sharing. If you manage a website on a computer that is used by lots of people, it’s best not to store the password locally, even if doing so makes logging in a little easier. Similarly, don’t hand out passwords for accessing your website to just anyone. Never store your passwords online or in a device (like a smart phone).
- Back up your site before making major updates. Occasionally, an update can break your website’s design or functionality, and you may need to roll back to a previous version. And some updates may be buggy, in which case you may need a backup that you can use to restore to a previous version.
- Perform regular site audits. Deleting files (especially images) and software that’s sitting on your web server but is no longer in use is a good idea. As websites age, this kind of content can build up. Going through your website to clean out unnecessary files and make sure every page is functional is just good housekeeping.
- Determine whether your site warrants an extra layer of protection, such as HTTPS (Hyper Text Transfer Protocol Secure). A lot of small business websites don’t need extra security, especially sites with just a few pages of content. But some sites are at higher risk and should engage deeper levels of security. This is especially essential for sites that collect user data, such as e-commerce sites that collect billing information.
- Store backups in a safe place. If you backup your computer and then store the backup on a flash drive that you keep beside your computer, and there’s a fire, you’ll lose everything. You can store backups of a website on your computer, but it’s also a good idea to keep copies on the cloud. Backup your backups!
- Use strong passwords and change them on a regular basis. Web software doesn’t prompt you to strengthen or change your password just to make your life harder. Stronger passwords lessen the risk for security breaches. Follow the protocols of good passwords. Avoid using simple words. Include numbers and punctuation marks, and make your passwords case-sensitive.
- Consult with both website designers and IT professionals. Most designers and website managers are specialists. The people who design and code websites are not the same people who design and build hardware or develop security. Many website managers focus on content, not security. IT professionals are specialists who better understand how to keep a site secure. Bonus tip: Get objective advice from IT professionals, because the pros at your hosting providers have incentive to upsell you on security measures you may not need.
If all this sounds too complicated or time-consuming, then consider bringing in outside help. You don’t have to hire a full- or -part time employee to manage your website. Here at Scribizzy, we can manage your website for as little as an hour a week. Our website management services for small businesses include website performance reporting and analysis. For more information, visit our website management page.