Website Hack Advice
There are only two types of websites – the ones that have been hacked and the ones you dont know have been hacked.
Website owners should are focused on running their business – they are rarely focused on how their customer data is being protected from scammers. Most owners aren’t aware that they are 100% responsible to protect customer data and they can be assisted by companies to reduce the chance of that happening through software updates and technical tools.
CASE STUDY – DELL HACK – MAY 2024
But companies big and small get hacked everyday – see notice from Dell.com from May 2024.
What can you do reduce the impact of a hack on your website?
- Maintenance – Its an absolute must to have a website maintenance service with your website provider or security provider. They will provide backend software updates, security monitoring and backup services for a fee.
- Awareness – You should make your staff aware of security risks and refresh them with cybersecurity training regularly. Talk about it with your staff as part of your regular meetings and share warnings and info within your team.
- Data – You should manage and protect your customer data regularly to only store what you absolutely need in order to run your business. This should be part of your Data Protection Policy where you might retain customer data for say 30 days, 60 days or longer – but only as long as you need to.
- Access – You should review who has access to your website and at what level. You may be surprised to find an ex employee or former web designer still has access to your website. There should only be one top level Admin and possibly some with more users with Edit only mode. Make sure the access levels are correct.
- Plan – You should have a plan in the event of a hack. Your first obligation is to limit the effects of the hack immediately which might mean taking the website down for a period of time. You may need time to investigate the hack. You may need a communications plan via Email or Social Media to your customers when you need more. You may need technical help to repair and secure the hacked website. You will need a plan to tie all of this together that your staff are aware off and is clear to all.
