When you run a website, data security is a top priority for both you and your customers. In the second post of Security 101, our five-part guide to website security, we will be tackling the topic of identity theft.
Identity theft is the practice of stealing someone’s identity and using it for illegal, usually financial, purposes. Thieves are often able to access information via phishing and other scams, but hacking into existing websites is by far the easiest way for them to get hold of a large amount of data.
Keeping Customer Data Safe
Unless your site processes payments through a secure third party, you need an SSL certificate on your site. A Secure Sockets Layer encrypts any customer data that is entered into the page, preventing hackers from accessing the information. An SSL certificate confirms that your site has this by showing a green padlock in the URL. Ubisan can provide both the encryption and the certificate you need to reassure your customers.
A firewall is also essential, even if you have an SSL certificate. The right software will block any unauthorised access to the site, so a hacker cannot use malware or exploit weakened code to violate server security. Ubisan provides a firewall designed for business, alongside software to eradicate malware and other threats.
If the Worst Happens – what to do if your website is hacked
Even when all reasonable precautions are taken, hackers and identity thieves are still finding ways to access websites. So, what can you do if your site is hacked and data is stolen?
Get the full picture
Your hosting service can help you get an idea of the scale of the damage. As soon as you can, find out when and how the breach happened and what information was taken.
Solve the problem
Once you know how much damage has been done, you need to take quick and decisive action. Prepare to spend money on new computers, hiring programmers, and changing your security system.
Seek legal help
Call the police and hire a lawyer. Everything from which companies are involved with the site to who is actually responsible for site security comes into play when determining liability for a hack. Getting legal advice right away will help you navigate the situation.
Stay in touch with your customers
Your site’s users will be scared and angry. Mitigate the damage by letting them know early about what happened, and keep them up to date as the situation progresses and you take positive steps. Tell them in detail what they need to do to protect their information and be prompt in responding to queries.
After all the commotion has died down, look at re-evaluating your security system. Ubisan can help with a comprehensive package designed to protect businesses. For more information, check out the rest of our blog posts on the topic of online security and visit our page on security services.
In the next post we’ll take a look at viruses, malware, and keeping your site free from infection.