In today’s world of electronic insecurity, every step you, as a business owner, take to prevent hacks, data theft, denials of service, and any other kind of online threat will help make sure you don’t go down with your business.
Right from the first day, you should be aware that online security is not a one-time fix and that it should never, ever be taken for granted, because the methods and technology the “baddies” use keep evolving and getting better by the day. Whatever “latest” security measure you have in place today will, you can rest assured, become obsolete in just a matter of days or even hours.
Now, while you may focus on keeping the lids tight on your website and letting your hosting provider handle the safety of your backend servers, you really shouldn’t be too distant from the task. You should regularly enquire to see what steps have been taken to make sure you have a safe server. If you see any weak or neglected points, you should come forward and ask that they be corrected.
Towards that end, we will see 5 things that need to be implemented on your server so that you can say it is, indeed, a secure one.
- Trained Staff – no matter how much time, effort, and money a web hosting provider puts into its safety and security technology, it will all be wasted if the staff that are assigned to monitor and administer it aren’t well-trained on how to go about handling it all.
Always ask for the licenses and certifications your hosting provider has and what qualifications its staff has. While they might not want to divulge each employee’s professional qualifications, they should at least be willing to paint you a reassuring picture showing you are in capable hands.
- Regular Updates – before any sophisticated security system is installed, the hosting provider should have a routine and schedule they follow when it comes to making sure all platforms and scripts are updated.
Again, without the latest technology to sit on, any add-on security measure will – like a castle built on sand – eventually crumble. Ask about the schedules and routines. Go through as much of their software as you can to see whether it is all up to date.
- Strict Access – the one thing that can prevent anyone from accessing or modifying another person’s data is their access privilege. What you are allowed to see or access is different from what your clients are permitted to see and access. Every user on your server (especially if it is in a shared hosting environment) should be isolated from the others. They should not be able to access or modify one another’s files, as would be the case when accounts are created en masse or using a template.
Make sure you keep an eye on access and trail records to spot any usernames that are accessing your files and/or data. If you spot any discrepancy, report it immediately and start your server lockdown procedure (deny access to all, reset all passwords, go through permissions, grant access as required, then finally allow access again).
- Proxies, Firewalls, et al – whether they are soft- or hardware, proxies and firewalls are a great way of keeping track of who comes into the network that holds your host server and what goes out from it. This, in fact, is the basic building block in any network security architecture – having a proxy and/or firewall in place. A good hosting provider will start with an “all-denied” initial policy and modify it as they go when new users subscribe, new staff join the company, new types of data need to go in and out of the network, etc. Of course, they also keep an eye on the opposite: when users unsubscribe, staff leave the company, and there is no longer the need for some types of data to pass through the network.
Ask your hosting provider what kind of access policy they have, how they monitor it, etc. You should be able to get a clear picture of how good they are at keeping you safe.
- Encryption – there was once a time when data encryption was something only spy guys used and only their organizations could afford the processing power to both encode and decode data; not anymore. Today, data encryption is a security layer that can be added at the app level – meaning it is so light that there is almost no significant data footprint that would make you worry about bandwidth and processing costs.
Any hosting provider that doesn’t guarantee data encryption, especially to clients who handle financial and personal data and information of a multitude of clients, should be given a wide berth.
And so, if your hosting provider doesn’t have all 5 of these points built into its hosting package, you should immediately cut them loose and move on to one that can offer them all to you. The right time to ensure data security is always yesterday – so make your move now!