The bad guys are out there, you better believe it. There are hackers and crackers, script kiddies and black hats trying to gain access to the data stored on your web site or web site server. These groups spend hours daily trying to compromise your web site security. These people work 24/7, they swap and sell entry codes to web sites, they share hacking software – it’s an entire industry that is focused on getting beyond your web security. It’s an industry that can put your business website in jeopardy.
So, you load up your business system, whether it’s a single computer in the spare room or a dozen networked work stations in a small office, with all kinds of expensive fire walls, anti-virus software, anti-spyware, registry scrubbers and all kinds of layers of security to keep your network squeaky clean. You even put your spam filters into overdrive to keep out the riff-raff.
Web Site Security
Problem: your in house hardware, and the data stored on that HD, is only half the equation. If your web host plays fast and loose with security you are MUCH more likely to be cracked, attacked and left in the digital dust bowl of ghost sites that litter the W3 landscape. Your dream, your vision – gone overnight while you slept and all your left with is a 404 error message: Can not access web site. That’ll get your day started off on the right foot. What a mess.
So what should you look for when it comes to host security? Isn’t web security an integral part of successful customer service? Well, ask questions to begin with. Don’t just register a domain and start building your site. Quality web hosts have knowledgeable, no cost reps who will be happy to discuss server side security. It’s one of their favorite talking points so call. Ask, discover the difference between any web host and a quality website hosting partner.
You’re more likely to be hacked by someone you know than a total stranger. A business acquaintance who knows you use your birthday and dog’s name as your PIN “because it’s easy to remember.”
It could be an unhappy spouse or a careless kid who downloads a virus onto your business computer. Not good, kid. VERY not good.
And then there’s the proverbial disgruntled employee who can crash your entire office network while emptying out his desk. Thereafter, the very same disgruntled employee leaves your company many negative Yelp reviews.
On the server side, it could be an unhappy employee who spills his Red Bull into your server. It could be an under-trained tech or a tech who didn’t have access to the server room.
The Server Room
A quality host keeps its servers locked up tighter than Fort Knox. They’re kept in a locked, limited-access, temperature controlled room. Some hosts even use biometric recognition systems to keep unauthorized personal from entering the server room.
Further, the server room is surrounded by surveillance cameras monitored 24/7. Anything suspicious and alarm bells go off everywhere.
Security to access the server room is further protected by encrypted codes that change frequently, smart door technology and other state of the art analog tools used to protect your digital assets. Does you web host offer this level of site security? Ask!
But wait, there’s more…
…a top-tier host partners in your success and wants to give you every advantage, from a tool kit full of freebie apps to redundant layers of site security.
Here’s what you want in web security:
Before you sign up with that free or low-ball host, check out the site security measures in place.
Private Racks and web security
If you’re running a big on-line business, you’ll probably need a few servers dedicated to the transmission of information between site visitor and your site’s back end, aka the office.
Well, most hosts simply assign servers among the rows of racks of server after server. So your “10 server array” is as vulnerable as the clients who bought in at the basic level. Private racks are available from quality green hosting providers.
These private racks can be segregated from the rest of the server room by steel mesh cages or even entire, partitioned walls that require a second PIN to gain access. If you are big, or plan to get that way fast, ask your host rep if they offer that extra layer of protection. Betcha they don’t.
Virtual Racks and web security
Essentially virtual racks are private, dedicated networks. They’re commonly used by businesses that collect and maintain a lot of sensitive customer data like credit card numbers and names – a commodity in the cracker world.
Virtual racks are what used to be called dedicated servers but today, through the use of tech that wasn’t even available 36 months ago, virtual = dedicated servers with all that sweet bandwidth and CPU access on demand. Virtual racks can be hardwired with firewalls, backed up off site, surrounded by anti-everything barbed wire and monitored by a human 24/7.
If you’re serious about your vision, or your on-line business is seriously successful, look for virtual racks for added security in an age when a 15-year-old a dozen time zones away can attach dictionary software to you website, wait a day or two to find the PIN and snag ALL your client records.
Whew! I don’t want to be the one who sends the letter that “your identity has been compromised.” Might as well close up shop.
Firewalls and web security
Mentioned before but worthy of a closer look.
Firewalls can be hardwired – it’s an actual piece of equipment set up to detect any kind of anomaly from spam to viruses to repeated attempts to access. If you’ve got your business on line, you want a hardwired firewall between your web site and the wild, wild web. Like a deadbolt on the front door.
You also want firewall software installed on your server array to filter out the Trojan that might slip through the hard-wired wall because it’s from a trusted source (who’s been hacked).
Finally, your office network or spare-room business should have a quality firewall installed and up-dated automatically daily. The black hats are ALWAYS developing ways to circumvent server-side security, a never-ending process. That’s why you want a host that delivers multiple layers of security so when the hacker gets through layer A, there’s still layer B, C and D ahead. Guaranteed, that black hat gallops out of town.
SSL Certification and web security
Single socket layer (SSL) security is simply an encryption tool that garbles data during transmission and deciphers the garbled data upon receipt at your host server. If you’re a commercial site, you need SSL certificates encryption coming and going.
Buyers DO look at their address bars, and it they don’t see the “s” as in https://www.yoursite.com, they know the page is NOT secure. Forget the little padlock. Hackers copied that last millennium. Savvy on-line buyers want that “s” to show up. It tells them that they’re on a secure, encrypted page and it’s safe to enter that credit card information without worry.
Analog Web Security
If the electricity goes off where your server and web site reside, you’re off-line. Not good.
A few years back, a quality web host could deliver a 99.9% uptime guarantee. Not bad.
Today, with fiber optic connectivity and instant energy backup, a top-tier web host guarantees a 100% up time. Your web site is never off line, even if there’s a tornado blowing through town. Switching technology moves your web site out of harm’s way instantly.
Floods, hurricanes, blizzards, heat waves – whatever nature throws at a premium web host, that host has a contingency plan. In fact, Plan A, B, C right on down the line. So analog threats are non-existent. At all cost, business owners should absolutely avoid these top security blunders . If the host guarantees 100% uptime, you know that host is using state-of-the-art security technology. This includes double locked cages to protect multiple servers to algorithmic-based access and smart-door technology to keep bad people from doing bad things in the host’s server room.
Work with a web hosting company that takes security seriously. You do…..right?