Get Serious About Website Security

Three tips to stop hackers
By Ben Landers
May 9, 2016
COLUMN | Operations

Website hacking isn’t something that only happens to big companies. Every week, my office receives at least half a dozen calls from local small business owners that need help fixing a hacked website and the volume of these calls appears to be increasing. Despite common perception, hackers don’t only want to hack large e-commerce sites to access financial data. Many small business websites are also targets for robots and programs created by hackers to search for and take advantage of security loopholes. Most small-business websites get hacked in this automated fashion.

For a close-to-home example: last spring, the website of a window and door replacement company that supplies and installs high-end replacement and new construction windows to affluent, well-educated, highly-esteemed homeowners was hacked. The banner on the company’s site, which once featured beautiful, high-end homes showcasing the company’s work, was replaced with large, full-color Viagra ads—not what the company’s clientele wants to see when researching window contractors.

The Stakes

Even if your website doesn’t collect personal, financial data from visitors, there are still enormous costs associated with getting hacked. First, there’s damage to your reputation, as in the earlier example. Plus, prospects and customers won’t necessarily assume the site was hacked.

Also at risk are those hard earned rankings on Google. Google has taken major steps to protect users from clicking on hacked sites. Perhaps you’ve even seen Google’s warnings when browsing a search results page that displays “This site may harm your computer.” Do you click on sites with that notification? Neither do most of your prospects and customers.

This warning alone is enough to lose sales—permanently. Window and door companies will spend thousands on search engine optimization to improve their website’s rankings, but then spend nothing to keep their site secure. That, in a nutshell, is insane.

There’s also cost involved in fixing the problem, which you’ll likely have to pay a website developer to do. Sometimes the fix is simple; in cases where a site has been neglected for years, a more extensive solution is in order. In serious cases, business owners have to completely rebuild their websites.

Three Steps to Protect Your Website

The first step to take to prevent your website from being hacked is to select a reputable website hosting company.

The second precaution to take is to use strong passwords. One of the reasons that so many small business websites get hacked is due to weak passwords such as, “admin123,” “soccer” or “password.” Instead, use passwords that are at least eight characters and that include upper and lowercase letters, plus numbers and symbols.

The third way to protect your website is to keep your website’s content management system up-to-date. Most content management systems (e.g., WordPress, Joomla, etc.) use plugins. From time to time, plugins are updated—mostly to patch an identified security update. When plugins update, you must update your site. A good web marketing firm can do this via some type of webmaster services agreement or as part of the hosting package they offer.

Closing Thoughts

Increasingly, consumers turn to the web first when researching windows and hackers are constantly trying to transfer the value you’ve created into their pocket. Take steps to protect what you’ve worked so hard to build.

Ben Landers is the president and CEO of Blue Corona—an Inc. 500 online marketing company that helps window and door manufacturers and replacement companies accurately track the results of their advertising programs and use the web to generate more leads, sales and raving fans.